Yesterday I received a copy of Hunting Security Bugs. One of this book's authors is Tom Gallagher, who posted thoughts on Microsoft's security initiatives.
This looks like a great book, especially as a companion to The Security Development Lifecycle, also by Microsoft authors.
A third book, The Practical Guide to Defect Prevention, arrives in the spring. This may be too developer-oriented for my needs, but I might take a look at it.
I am glad to see Microsoft sharing the knowledge it has gained through its ongoing security program.
You can look at my Amazon.com Wish List to track books I plan to read, but don't have copies. My reading page shows books I own that I plan to read. The reading page also links to my recommended books lists.