Microsoft Security Response Center

The Microsoft Security Response Center (MSRC) identifies, monitors, responds to and resolves security incidents and vulnerabilities in Microsoft software.

Microsoft Security Response Center

  • November 2014 Updates

    Today, as part of Update Tuesday, we released 14 security updates – four rated Critical, nine rated Important, and two rated Moderate, to address 33 Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office, .NET Framework, Internet Information Services (IIS), Remote Desktop Protocol (RDP), Active Directory Federation Services (ADFS), Input Method Editor (IME) (Japanese), and Kernel Mode Driver (KMD). We encourage you to apply all of these updates, but...
  • Security Bulletin MS14-068 released

    Today, we released an out-of-band security update to address a vulnerability in Kerberos which could allow Elevation of Privilege. This update is for all supported versions...

  • October 2014 Updates

    Today, as part of Update Tuesday, we released eight security updates – three rated Critical and five rated Important - to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). We encourage you to apply all of these updates, but for those who need to prioritize deployment planning, we recommend focusing on the Critical updates first. Here’s an overview slide and video of the security updates released today...
  • December 2014 Updates

    Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in .....

  • Security Advisory 3010060 released

    Today, we released Security Advisory 3010060 to provide additional protections regarding limited, targeted attacks directed at Microsoft Windows customers. A cyberattacker could cause remote code execution if someone is tricked into opening a maliciously-crafted PowerPoint document that contains an infected Object Linking and Embedding (OLE) file. As part of this Security Advisory, we have included an easy, one-click Fix it solution to address the known cyberattack. Please review the "Suggested...
  • August 2014 Security Bulletin Webcast and Q&A

    Today, we published the August 2014 Security Bulletin webcast questions and answers page along with the webcast replay. We answered ten questions on air, with the majority focusing on the update for Internet Explorer . Here is the video replay: We are aware of some issues related to the recent updates and are working on a fix. For more information please read KB 2982791 . We invite you to join us for the next scheduled webcast on Wednesday, September 10, 2014, at 11 a.m. PDT (UTC -7)...
  • August 2014 Security Updates

    Today, as part of Update Tuesday, we released nine security updates – two rated Critical and seven rated Important – to address 37 Common Vulnerabilities & Exposures (CVEs) in SQL Server, OneNote, SharePoint, .NET, Windows and Internet Explorer (IE). We encourage you to apply all of these updates, but for those who need to prioritize their deployment planning, we recommend focusing on the Critical updates first. Here’s an overview slide and video of the security updates released...
  • Advance Notification Service for the September 2014 Security Bulletin Release

    Today, we provide advance notification for the release of four Security Bulletins. One of these updates is rated Critical and three are rated as Important in severity. These updates are for Microsoft Windows, Internet Explorer, .NET Framework and Lync. As a reminder, we are now using a new format for our Security Bulletin Webcast, scheduled on Wednesday, September 10, at 11 a.m. PDT. You are no longer required to register, download the Live Meeting client, or dial in to a separate number. A link...
  • Advance Notification Service for the December 2014 Security Bulletin Release

    Today, we provide advance notification for the release of seven Security Bulletins. Three of these updates are rated Critical and four are rated as Important in severity. These updates are for ....

  • September 2014 Security Bulletin Release Webcast and Q&A

    Today we’re publishing the September 2014 Security Bulletin Webcast Questions & Answers page . We fielded four questions on various topics during the webcast, with specific bulletin questions focusing primarily on Internet Explorer (MS14-052) and a question about the Windows Update client. We invite you to join us for the next scheduled webcast on Wednesday, October 8, 2014, at 11 a.m. PDT (UTC -7), when we will go into detail about the October bulletin release and answer your bulletin...