AWS

Microsoft is looking into user reports of memory problems connected to its new Zune PC client 4.7 software update. View the full article

Zune 4.7 isn't a major update to Microsoft's digital media platform, but it provides Windows Phone support, streaming video capabilities, international support for Zune Marketplace, and other new features. View the full article

For being a social-media fan, Microsoft Chief Software Architect Ray Ozzie hasn’t been big on sharing publicly via blogging or Twitter. But on October 14, after a four-year hiatus, Ozzie started a new blog. View the full article

What do Microsoft Messenger Connect and System Center Configuration Manager 2007 R3 have in common? Not a whole lot, other than the fact that as of October 14, both are no longer in beta and are available in final form. View the full article

Microsoft will be offering its CRM Online 2011 service for a promotional introductory price of $34 per user per month, which will kick in starting in January 2011. View the full article

At the end of September, MobileTechWorld.com reported that Windows Live Messenger (WLM) was coming to Windows Phone 7, but that the instant-messaging application wouldn’t be developed by Microsoft. It turns out that report may be right. View the full article

New numbers are out from market-research firm IDC and search-analysis firm comScore on October 13. The findings: Apple is now No. 3 in U.S. PC shipments, and Bing/Yahoo’s combined U.S. search share is down slightly compared to last month. View the full article

Microsoft and Bing are partnering to “make Bing search more social.” In Web 2.0 speak, the idea is search graph + web graph = better answers. View the full article

Here's a quick guide to the consumer products and services Microsoft and its partners are offering this holiday season, including Windows 7 PCs and games, mice and keyboards, Xbox 360, Zune, and Kinect, and Office 2011 for the Mac. View the full article

I’ve gotten more than a few queries from Live Mesh beta users asking how much more time they had to use the Microsoft synchronization service before the plug was pulled. The answer: You have until March 31, 2011. View the full article

Microsoft is confirming there’s a beta of a tool coming that will allow users to sync Windows Phone 7 with Macs. View the full article

It’s about time for Microsoft to roll out the promised test version of its Business Productivity Online Suite (BPOS) version 2. I’d bet we’re going to see it about a week from now, on October 19. View the full article

Microsoft made available for download by any and all interested parties a public beta of its Microsoft Enterprise Desktop Virtualization (MED-V) 2.0 technology on October 12. View the full article

A look back at the Windows Phone 7 launch event, including some new information about the smart phone OS and some photos from the event. View the full article

October 11 was the official Microsoft launch of Windows Phone 7. I asked readers what they wanted to know and have gotten a number of questions about Microsoft’s strategy, the products and the future. Here are the answers I’ve been able to get (so far). View the full article

Bulletin Severity Rating:Moderate - This security update resolves a privately reported vulnerability in Windows shared cluster disks. The vulnerability could allow data tampering on the administrative shares of failover cluster disks. By default, Windows Server 2008 R2 servers are not affected by this vulnerability. This vulnerability only applies to cluster disks used in a failover cluster. View the full article

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow denial of service if an affected Internet Information Services (IIS) server hosting a Secure Sockets Layer (SSL)-enabled Web site received a specially crafted packet message. By default, IIS is not configured to host SSL Web sites. View the full article

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Microsoft Windows. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. For more information, see the subsection, Affected and Non-Affected Software, in this section. View the full article

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted file using WordPad or selects or opens a shortcut file that is on a network or WebDAV share. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. View the full article

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. View the full article

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in the Windows common control library. The vulnerability could allow remote code execution if a user visited a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. View the full article

Bulletin Severity Rating:Important - This security update resolves thirteen privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file or a specially crafted Lotus 1-2-3 file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. View the full article

Bulletin Severity Rating:Important - This security update resolves eleven privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. View the full article

Bulletin Severity Rating:Important - This security update resolves two privately reported vulnerabilities in the Windows OpenType Font (OTF) format driver. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. For more information, see the subsection, Affected and Non-Affected Software, in this section. View the full article

Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. View the full article