Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Related Posts
  • Blog Post: Assessing risk for the September 2014 security updates

    Today we released four security bulletins addressing 42 unique CVE’s. One bulletin has a maximum severity rating of Critical and the other three have maximum severity Important. This table is designed to help you prioritize the deployment of updates appropriately for your environment. ...
  • Blog Post: Assessing risk for the August 2014 security updates

    Today we released nine security bulletins addressing 37 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other seven have a maximum severity rating of Important. This table is designed to help you prioritize the deployment of updates appropriately for your environment...
  • Blog Post: Assessing risk for the July 2014 security updates

    Today we released six security bulletins addressing 29 unique CVE’s. Two bulletins have a maximum severity rating of Critical, three have maximum severity Important, and one is Moderate. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment...
  • Blog Post: Assessing risk for the June 2014 security updates

    Today we released seven security bulletins addressing 66 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other five have a maximum severity rating of Important. This table is designed to help you prioritize the deployment of updates appropriately for your environment...
  • Blog Post: Assessing risk for the May 2014 security updates

    Today we released eight security bulletins addressing 13 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other six have a maximum severity rating of Important. The table is designed to help you prioritize the deployment of updates appropriately for your environment...
  • Blog Post: Assessing risk for the April 2014 security updates

    Today we released four security bulletins addressing 11 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other two have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your...
  • Blog Post: Assessing risk for the March 2014 security updates

    Today we released five security bulletins addressing 23 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other three have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your...
  • Blog Post: Assessing risk for the February 2014 security updates

    Today we released seven security bulletins addressing 31 unique CVE’s. Four bulletins have a maximum severity rating of Critical while the other three have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your...
  • Blog Post: An update on the DLL-preloading remote attack vector

    Last week, we released Security Advisory 2269637 notifying customers of a publicly disclosed remote attack vector to a class of vulnerabilities affecting applications that load dynamic-link libraries (DLL’s) in an insecure manner. At that time, we also released a tool to help protect systems by...
  • Blog Post: Assessing risk for the January 2012 security updates

    Today we released seven security bulletins. One has a maximum severity rating of Critical with the other six having a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most...
  • Blog Post: MS12-054: Not all remote, pre-auth vulnerabilities are equally appetizing for worms..

    We released security update MS12-054 to address four privately reported issues in Windows networking components failing to properly handle malformed Remote Administration Protocol (RAP) responses. The most severe of these issues, CVE-2012-1851, is a format string vulnerability in the printer spooler...
  • Blog Post: MS10-020: SMB Client Update

    Today Microsoft released MS10-020, which addresses several vulnerabilities in the Windows SMB client. This blog post provides additional details to help prioritize installation of the update, and understand the attack vectors and mitigations that apply. Client-side vulnerabilities The first thing...
  • Blog Post: Assessing the risk of the December security bulletins

    This morning we released six security bulletins, three Critical and three Important, addressing 12 CVE’s. Please apply the Internet Explorer update right away as it poses the most risk of all the bulletins due to severity and exploitability. The Internet Explorer update addresses the vulnerability described...
  • Blog Post: MS08-001 - The case of the missing Windows Server 2003 attack vector

    Part 3 of our MS08-001 blog post series mentioned that Windows Server 2003 does not expose an attack vector to the vulnerable IGMP code execution vulnerability by default. Windows XP and Vista enable UPnP (Universal Plug-and-Play) which exposes an attack vector to the vulnerable code but Windows Server...
  • Blog Post: Protecting yourself from attacks that leverage fraudulent DigiNotar digital certificates

    Last week, we released Security Advisory 2607712, notifying customers that fraudulent digital certificates had been issued by certificate authority DigiNotar. We’d like to follow up on that notification in this blog post by explaining more about the potential risks and actions you can take to...
  • Blog Post: Assessing the risk of the October security bulletins

    This morning we released 13 security bulletins, our largest release of 2009. Altogether, these bulletins address 34 separate CVEs. We’d like to use this blog post to help you prioritize your deployment of the updates. Prioritization Criteria We’ve provided a prioritized list of bulletins in the...
  • Blog Post: MS13-001: Vulnerability in Print Spooler service

    MS13-001 addresses a vulnerability in the way the Windows Print Spooler handles maliciously-crafted print jobs. The potential attack scenario is a little different than previous spooler service vulnerabilities so we’d like to share more details to help you assess the risk it may pose in your environment...
  • Blog Post: Service isolation explanation

    The past few days, we have had service isolation on our minds here in Redmond after the POC code posting last week from Cesar Cerrudo. Nazim Lala from the IIS team posted a great blog entry about the fix and why it is taking so long to release it. I expect it to be close to the amount of code churn as...
  • Blog Post: MS13-027: Addressing an issue in the USB driver requiring physical access

    Today we are addressing a vulnerability in the way that the Windows USB drivers handle USB descriptors when enumerating devices. (KB 2807986). This update represents an expansion of our risk assessment methodology to recognize vulnerabilities that may require physical access, but do not require a valid...
  • Blog Post: Assessing risk for the June 2013 security updates

    Today we released five security bulletins addressing 23 CVE’s. One bulletin has a maximum severity rating of Critical, and four have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. ...
  • Blog Post: MS09-054: Extra info on the attack surface for the IE security bulletin

    MS09-054 addresses an IE vulnerability (CVE-2009-2529), which was discovered and presented by Mark Dowd, Ryan Smith, and David Dewey at the BlackHat conference in July. First we’d like to make it clear that any customers that have applied the update associated with MS09-054 are protected, regardless...
  • Blog Post: Assessing the risk of the February security updates

    Today we released twelve security bulletins. Three have a maximum severity rating of Critical and nine have a maximum severity rating of Important. This release addresses three publicly disclosed vulnerabilities. We hope that the table below helps you prioritize the deployment of the updates appropriately...
  • Blog Post: MS12-014: Indeo, a blast from the past

    Today, we shipped security update MS12-014 to address an issue in the Indeo codec. With this blog post, we hope to preemptively answer some common questions that are likely to surface as researchers analyze this security update. Indeo: Blast from the Past Indeo is a video codec that was first developed...
  • Blog Post: Assessing risk for the January 2013 security updates

    Today we released seven security bulletins addressing 12 CVE’s. Two of the bulletins have a maximum severity rating of Critical, and five have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment...
  • Blog Post: Assessing risk for the July 2013 security updates

    Today we released seven security bulletins addressing 34 CVE’s. Six bulletins have a maximum severity rating of Critical, and one has a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. ...