Brian Johnson’s Buffer Overrun blog is an excellent source of security information. (Brian’s the content specialist behind the MSDN Security Center for developers.)
Today, he points to the Microsoft Security Newsletter, another excellent source of information.
If security is even a small part of your job responsibilities, you should have Brian’s blog in your RSS feed and the MS Security Newsletter in your inbox.
Ed Bott 