Browse by Tags

Related Posts
  • Blog Post: General Availability for Enhanced Mitigation Experience Toolkit (EMET) 5.0

    Today, we are excited to announce the general availability of Enhanced Mitigation Experience Toolkit (EMET) 5.0 . EMET is a free tool, designed to help customers with their defense in depth strategies against cyberattacks, by helping block and terminate the most common techniques adversaries might use...
  • Blog Post: August 2012 Security Bulletin Webcast, Q&A, and Slide Deck

    Hello. Today we’re publishing the August 2012 Security Bulletin Webcast Questions & Answers page . During the webcast, we fielded twelve questions focusing primarily on MS12-060 covering Windows Common Controls, MS12-052 regarding Internet Explorer, and Security Advisory 2661254 addressing...
  • Blog Post: February 2010 Security Bulletin Release

    MSRC Bulletin Release Blog Post Hi everyone, As mentioned in our ANS blog post last week, today we are releasing 13 bulletins addressing 26 vulnerabilities. 11 bulletins affect Windows and 2 affect older versions of Microsoft Office. In the post on Thursday, we mentioned that bulletins in the ANS listed...
  • Blog Post: MS10-025 Security Update to be Re-released

    Hi, MS10-025 is a security update that only affects Windows 2000 Server customers who have installed Windows Media Services (this is a non-default configuration). Today we pulled the update because we found it does not address the underlying issue effectively. We are not aware of any active attacks...
  • Blog Post: Security Advisory 2286198 Updated

    We've just updated Microsoft Security Advisory 2286198 to let customers know that we now have an automated "Fix It" available to implement the workaround we first outlined in our original posting on Friday, July 16, 2010. More information is available in the KB article 2286198 , but in summary running...
  • Blog Post: November 2012 Bulletin Release

    Security Updates Today we released six security bulletins to help protect our customers - four Critical, one Important, and one Moderate – addressing 19 vulnerabilities in Microsoft Windows Shell, Windows Kernel, Internet Explorer, Internet Information Services (IIS), .NET Framework, and Excel...
  • Blog Post: Update on Security Advisory 981374

    Hi everyone, I’m writing to let you know that we have updated Security Advisory 981374 with new workaround information. We are aware that exploit code has been made public for this issue. As with our last update, Internet Explorer 8 remains unaffected by the vulnerability addressed in the advisory...
  • Blog Post: Microsoft Security Advisory 977544 Released

    Today we released Security Advisory 977544 to provide information, including customer guidance, on a publicly reported Denial-of-Service (DoS) vulnerability affecting Server Messaging Block (SMB) Protocol. This vulnerability, in SMBv1 and SMBv2, affects Windows 7 and Windows Server 2008 R2. Windows Vista...
  • Blog Post: Security Advisory 981169 Released

    Hello again, Today we released Security Advisory 981169 to address the VBScript issue involving Windows Help files that we blogged about yesterday . To reiterate what we said in that post, we are not aware of any active attacks at this time and the following operating systems are not affected by this...
  • Blog Post: Security Advisory 2416728 Released

    Hi everyone, Today we released Security Advisory 2416728 describing a publicly disclosed vulnerability in ASP.NET that affects all versions of the .NET Framework. At this time we are not aware of any attacks using this vulnerability and we encourage customers to review the advisory for mitigations...
  • Blog Post: Update - Restart Issues After Installing MS10-015

    In our continuing investigation in to the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes at this time and are still investigating. Please review...
  • Blog Post: Announcing the BlueHat Prize for Advancement of Exploit Mitigations

    Protecting the general computing ecosystem is a really tough job, and given some of the media headlines, it’s easy to get discouraged and wallow in the problems. It seems like we’re constantly bombarded with statistics measuring the number of bugs, vulnerabilities, or attacks in an attempt...
  • Blog Post: Update on MS10-025

    I wanted to give customers an update on the status of MS10-025 . First, I want to reiterate that this issue affects only Windows 2000 Servers in a non-default configuration: Windows Media Services needs to be installed. Customers who do not have Windows Media Services installed are not affected and were...
  • Blog Post: August 2013 Security Bulletin Webcast, Q&A, and Slide Deck

    Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page . We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server ( MS13-061 ) and Windows Kernel ( MS13-063 ). There were 3 additional...
  • Blog Post: Security Advisory 983438 Released

    Hello. Today we released Security Advisory 983438 , addressing a cross-site scripting (XSS) vulnerability in SharePoint Server 2007 and SharePoint Services 3.0 that could allow Elevation of Privilege (EoP) within the SharePoint site itself. Servers are at reduced risk from Internet Explorer 8 clients...
  • Blog Post: Microsoft Releases Security Advisory 2794220

    Today, we released Security Advisory 2794220 regarding an issue that impacts Internet Explorer 6, 7, and 8. We are only aware of a very small number of targeted attacks at this time. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically...
  • Blog Post: Windows Help Vulnerability Disclosure

    Hello, We are aware of a publicly disclosed vulnerability affecting Windows XP and Windows Server 2003. We are not aware of any current exploitation of this issue and customers running Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not vulnerable to this issue, or at...
  • Blog Post: A guide to exploit mitigations and the July 2011 security bulletin release

    Hello all -- Over the years we’ve often talked about exploit mitigations – DEP, ASLR, SEHOP and so forth – as effective tools for improving computer security, reducing risk, preventing attacks, and minimizing operational disruption. Today we’re releasing a user’s guide...