31 Quotes by Stephen Toulouse

We can't leave anybody behind. And unfortunately you might be introducing new problems. So whenever we look at even a quick hack ... it's got to be of quality. That's what customers have told us time and again.

We have not tested this mitigation tool. We can't recommend it because we have not tested it...Customers should weigh the risk of applying something like this to their systems.

We're literally in a meeting going over our plans, keeping track of things, when we got word on Tuesday that CNN was reporting they had been hit. At the time, we knew a high-profile target was reporting they had been hit and they didn't know what it was. Their computers were shutting down and restarting,

We saw the exploit code and our Security Windows Reaction Team tested it against the patch, and we were convinced we would see an attack. It was only a matter of time,

This situation is now resolved and customers should be able to get the update. I want to reiterate that the problem had nothing to do with the update itself, you applied it manually from the download center or got it through SUS 1.0 it should install correctly and protect against the vulnerability. But it's available now for everyone.

Currently this exploit is not publicly available, but we continue to urge customers on older versions of our operating systems to deploy MS05-051 to help protect from attempted exploitation,

Currently that update is in the testing phase and could be released as early as April. But of course, that isn't final.

Our test and engineering plan for that update that we began two weeks ago is on track to have that update ready for Tuesday.

The MSRC is constantly monitoring the threat environment for any malicious activity. We are keeping an especially close eye on the newsgroups and vulnerability lists for exploits related to this month's activities and will mobilize immediately to help protect customers against threats as necessary.