Browse by Tags

Related Posts
  • Blog Post: Microsoft releases Security Advisory 2963983

    Today, we released Security Advisory 2963983 regarding an issue that impacts Internet Explorer. At this time, we are only aware of limited, targeted attacks. This issue allows remote code execution if users visit a malicious website with an affected browser. This would typically occur by an attacker...
  • Blog Post: Security Advisory 979352 Released

    Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks. Today, Microsoft issued guidance to help customers mitigate a Remote Code Execution (RCE) vulnerability in Internet...
  • Blog Post: March Out-of-Band Security Bulletin Webcast

    Hi everyone, Last week Adrian Stone and I conducted a webcast to cover the Internet Explorer out-of-band security bulletin release. We only spent a short period of timing on the presentation and then spent the rest of the time answering customer questions which you can read here . There were some interesting...
  • Blog Post: Microsoft Security Advisory 975191 Released

    Hi Everyone, This is Alan Wallace, senior communications manager for our security response communications team. Today, Microsoft released Security Advisory 975191 , to provide customer guidance and protection from a vulnerability that could allow remote code execution on affected systems running the...
  • Blog Post: Microsoft Security Advisory 975191 Revised

    Hi Everyone, Today we updated Security Advisory 975191 as we are now seeing limited attacks. Additionally, a new proof of concept published allowing for Denial of Service (DoS) attacks on Windows XP and Windows Server 2003 with read access to the File Transfer Protocol (FTP) service. This does not...
  • Blog Post: Internet Explorer Cumulative Update Releasing Out-of-Band

    Today we issued our Advanced Notification Service (ANS) to advise customers that we will be releasing security update MS10-018 tomorrow, March 30, 2010, at approximately10:00 a.m. PDT (UTC-8). MS10-018 resolves Security Advisory 981374 , addressing a publicly disclosed vulnerability in Internet Explorer...
  • Blog Post: Security Advisory 979352 – Going out of Band

    We wanted to provide a quick update on the threat landscape and announce that we will release a security update out-of-band to help protect customers from this vulnerability. Based on our comprehensive monitoring of the threat landscape we continue to see very limited, and in some cases, targeted...
  • Blog Post: Out-of-Band Security Bulletin Webcast Q&A - March 30, 2010

    Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Group Manager, Response Communications Website: TechNet/security Chat Topic: March 2010 Out-of-Band Security Bulletin Date: Tuesday, March 30, 2010 Q: CVE-2010-0483 , like CVE-2010-0806 , is a remote code executable...
  • Blog Post: Microsoft Releases Security Advisory 2794220

    Today, we released Security Advisory 2794220 regarding an issue that impacts Internet Explorer 6, 7, and 8. We are only aware of a very small number of targeted attacks at this time. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically...
  • Blog Post: July 2010 Security Bulletin Release

    Hi everyone. As part of our usual monthly update cycle, today Microsoft is releasing four security bulletins to address five vulnerabilities in Windows and Microsoft Office. MS10-042 resolves a publicly disclosed and actively exploited vulnerability discussed in Security Advisory 2219475 . The update...
  • Blog Post: Investigating a new win32hlp and Internet Explorer issue

    Hi everyone, On Friday 2/26/2010, an issue was posted publicly that could allow an attacker to host a maliciously crafted web page and run arbitrary code if they could convince a user to visit the web page and then get them to press the F1 key in response to a pop up dialog box. We are not aware of any...
  • Blog Post: Microsoft Security Advisory 975497 Released

    We’ve just released Microsoft released Security Advisory 975497 that provides information about a new, irresponsibly reported vulnerability in SMB 2.0. Our investigation has shown that Windows Vista, Windows Server 2008 and Windows 7 RC are affected by this vulnerability. Windows 7 RTM, Windows Server...
  • Blog Post: Security Bulletin MS10-018 Released

    Hi everyone, Today we released MS10-018 out-of-band due to increases in attacks against Internet Explorer 6 and Internet Explorer 7 using the vulnerability discussed in Security Advisory 981374 . I want to reiterate that Internet Explorer 8 is not affected by this issue so customers using this version...
  • Blog Post: Out-of-Band Security Bulletin Webcast Q&A - January 21, 2010

    Hosts: Adrian Stone , Senior Security Program Manager Lead Jerry Bryant, Senior Security Communications Manager Lead Website: TechNet/security Chat Topic: January 2010 Out-of-Band Security Bulletin Date: Thursday , January 21, 2010 Q: I understand the severity for workstaitons. Is the...
  • Blog Post: ActiveX Control issue being addressed in Update Tuesday

    Late last Friday, November 8, 2013, a vulnerability, CVE-2013-3918, affecting an Internet Explorer ActiveX Control was publically disclosed. We have confirmed that this vulnerability is an issue already scheduled to be addressed in “Bulletin 3”, which will be released as MS13-090, as listed...
  • Blog Post: Security Advisory 2286198 Updated

    We've just updated Microsoft Security Advisory 2286198 to let customers know that we now have an automated "Fix It" available to implement the workaround we first outlined in our original posting on Friday, July 16, 2010. More information is available in the KB article 2286198 , but in summary running...
  • Blog Post: Update on Security Advisory 981374

    Hi everyone, I’m writing to let you know that we have updated Security Advisory 981374 with new workaround information. We are aware that exploit code has been made public for this issue. As with our last update, Internet Explorer 8 remains unaffected by the vulnerability addressed in the advisory...
  • Blog Post: Microsoft Security Advisory 977544 Released

    Today we released Security Advisory 977544 to provide information, including customer guidance, on a publicly reported Denial-of-Service (DoS) vulnerability affecting Server Messaging Block (SMB) Protocol. This vulnerability, in SMBv1 and SMBv2, affects Windows 7 and Windows Server 2008 R2. Windows Vista...
  • Blog Post: Security Advisory 2219475 Released

    Hello - We have released Security Advisory 2219475 , addressing the vulnerability in the Windows Help and Support Center function in Windows XP and Windows Server 2003. We are not aware of any active attacks at this time. Customers running Windows Vista, Windows 7, Windows Server 2008 and Windows...
  • Blog Post: Microsoft Releases Security Advisory 2458511

    Hi everyone, Today we released Security Advisory 2458511 to address a new vulnerability that could impact Internet Explorer users if they visit a website hosting malicious code. As of now, the impact of this vulnerability is extremely limited and we are not aware of any affected customers. The exploit...