Check Out the New Microsoft Security Blog!
Got this from Ron Grattopp on my TS2 Team. Definitely worth sharing!
Microsoft's Security Vulnerability Research and Defense blog will provide in-depth technical information about the vulnerability research behind the patches and security updates the company releases each month.
The blog will be updated the second Tuesday of every month, aka "Patch Tuesday."
You may know that during technical investigations of security issues, a significant amount of information is discovered that doesn't make it in the official security updates. This could be info such as situations or attack vectors where workarounds may not be 100% effective, and workarounds that are specific to a particular attack or that are so complicated that they can't be recommended to all customers. There may also be info on mitigations that might not be present in all cases, best- practices-type guidance that applies to a particular vulnerability, and "interesting facts" about a vulnerability Microsoft is fixing that will help customers learn more about Windows, the security infrastructure, or the way the company conducts investigations. All-in-all some pretty good stuff, if you need, or just want, more in-depth info around these vulnerabilities or related security matters.
Bloggers will include Damian Hasse, lead security software engineer at Microsoft, and Jonathan Ness, who leads the company's Secure Windows Initiative defense team.
Oh, and here's the link: Security Vulnerability Research and Defense blog