Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Browse by Tags

Related Posts
  • Blog Post: Internet Explorer Mitigations for ATL Data Stream Vulnerabilities

    IE security update MS09-034 implements two defense-in-depth measures intended to mitigate the threat of attacks which attempt to exploit the Microsoft Active Template Library (ATL) vulnerabilities described in Security Advisory 973882 and MS09-034 . We would like to explain these mitigations in more...
  • Blog Post: MSVIDCTL (MS09-032) and the ATL vulnerability

    Today we have released Security Advisory 973882 that describes vulnerabilities in the Microsoft Active Template Library (ATL), as well as security updates for Internet Explorer ( MS09-034 ) and Visual Studio ( MS09-035 ). The Visual Studio update addresses several vulnerabilities in the public versions...
  • Blog Post: MS09-037: Why we are using CVE's already used in MS09-035

    MS09-035 was released July 28 to address vulnerabilities in the Visual Studio Active Template Library (ATL). A related security update, MS09-034 , included a defense-in-depth Internet Explorer mitigation to help protect against attacks in vulnerable components. This morning, we released security bulletin...
  • Blog Post: ATL vulnerability developer deep dive

    This morning we released MS09-035 to address ATL vulnerabilities in Visual Studio. This blog post will help you answer the following questions: What are the ATL vulnerabilities? Which versions of ATL are vulnerable? How can I tell if my ActiveX control is affected? How can I fix a vulnerable...
  • Blog Post: Overview of the out-of-band release

    Today we released Security Advisory 973882 and with it, two out-of-band security bulletins. These updates are MS09-034 (an Internet Explorer update) and MS09-035 (a Visual Studio update). At this time for customers who have applied MS09-032 we are not aware of any “in the wild” exploits that leverage...