MSRC

  • Out-of-Band Release to Address Microsoft Security Advisory 2963983

    At approximately 10 a.m. PDT, we will release an out-of-band security update to address the issue affecting Internet Explorer (IE) that was first discussed in Security Advisory 2963983. This update is fully tested and ready for release for all affected versions of the browser. The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically. If you’re unsure if you have automatic updates, or you...
  • Microsoft releases Security Advisory 2963983

    Today, we released Security Advisory 2963983 regarding an issue that impacts Internet Explorer. At this time, we are only aware of limited, targeted attacks. This issue allows remote code execution if users visit a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message. Our initial investigation has revealed that Enhanced Protected Mode, on by default for the modern browsing experience in Internet...
  • Security Update Released to Address Recent Internet Explorer Vulnerability

    Today, we released a security update to address the Internet Explorer (IE) vulnerability first described in Security Advisory 2963983 . This security update addresses every version of Internet Explorer. While we’ve seen only a limited number of targeted attacks, customers are advised to install this update promptly. The majority of our customers have automatic updates enabled and so will not need to take any action as protections will be downloaded and installed automatically. If you’re...
  • Driving a Collectively Stronger Security Community with Microsoft Interflow

    Today, Microsoft is pleased to announce the private preview of Microsoft Interflow , a security and threat information exchange platform for analysts and researchers working in cybersecurity. Interflow uses industry specifications to create an automated, machine-readable feed of threat and security information that can be shared across industries and groups in near real-time. The goal of the platform is to help security professionals respond more quickly to threats. It will also help reduce cost...
  • General Availability for Enhanced Mitigation Experience Toolkit (EMET) 5.0

    Today, we are excited to announce the general availability of Enhanced Mitigation Experience Toolkit (EMET) 5.0 . EMET is a free tool, designed to help customers with their defense in depth strategies against cyberattacks, by helping block and terminate the most common techniques adversaries might use in comprising systems. EMET 5.0 further helps to protect with two new mitigations, and with new capabilities giving customers additional flexibility on their deployments. EMET helps to protect systems...
  • The April 2014 Security Updates

    T. S. Elliot once said, “What we call the beginning is often the end. And to make an end is to make a beginning. The end is where we start from.” So as we put one season to bed, let’s start another by looking at the April security updates . Today, we release four bulletins to address 11 CVEs in Microsoft Windows, Internet Explorer and Microsoft Office. The update for Microsoft Word addresses the issues described in Microsoft Security Advisory 2953095 . For those who prioritize,...
  • Microsoft Releases Security Advisory 2953095

    Today we released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. An attacker could cause remote code execution if someone was convinced to open a specially crafted Rich Text Format (RTF) file or a specially crafted mail in Microsoft Outlook while using Microsoft Word as the email viewer. As part of the security advisory, we have included an easy, one-click Fix it to address...
  • Out-of-band release for Security Bulletin MS14-068

    On Tuesday, November 18, 2014, at approximately 10 a.m. PST, we will release an out-of-band security update to address a vulnerability in Windows....

  • Meet myBulletins: an online security bulletin customization service

    Microsoft is committed to promoting a safer, more trusted Internet and providing monthly security updates is one of the ways our customers keep their devices and connections to the Internet more secure. Packaging updates together into a monthly bulletin cycle stems from customer feedback and offers a predictable way to help protect them against newly discovered threats. Today, we are excited to introduce myBulletins , a new online security bulletin customization service. We’ve also created...
  • Advance Notification Service for the April 2014 Security Bulletin Release

    Today we provide advance notification for the release of four bulletins, two rated Critical and two rated Important in severity. These updates address issues in Microsoft Windows, Office and Internet Explorer. The update provided through MS14-017 fully addresses the Microsoft Word issue first described in Security Advisory 2953095 . This advisory also included a Fix it to disable opening rich-text format (RTF) files within Microsoft Word. Once the security update is applied, you should disable...