Security Research & Defense
Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance
Postings are provided "AS IS" with no warranties, and confers no rights.
Get alerts when we update our blog!
Attack Surface Reduction
Enhanced Mitigation Experience Toolkit
Internet Explorer (IE)
safe for initialization
safe for scripting
Windows Media components
Browse by Tags
Security Research & Defense
New vulnerability affecting Internet Explorer 8 users
Today, the MSRC released Security Advisory 2794220 alerting customers to limited, targeted attacks affecting customers using Internet Explorer 6, 7, and 8. Internet Explorer 9 and Internet Explorer 10 users are safe. More information about the vulnerability and exploit In this particular vulnerability...
29 Dec 2012
MS13-051: Get Out of My Office!
MS13-051 addresses a security vulnerability in Microsoft Office 2003 and Office for Mac. Newer versions of Microsoft Office for Windows are not affected by this vulnerability, but the newest version of Office for Mac (2011) is affected. We have seen this vulnerability exploited in targeted 0day attacks...
11 Jun 2013
MS08-043 : How to prevent this information disclosure vulnerability
In this month’s update for Excel we addressed an interesting CVE (CVE-2008-3003) – the first vulnerability to affect the new Open XML file format (but it doesn’t result in code execution). This is an information disclosure vulnerability that can arise when a user makes a data connection from Excel to...
12 Aug 2008
More information about the December 2011 ASP.Net vulnerability
Today, we released Security Advisory 2659883 alerting customers to a newly disclosed denial-of-service vulnerability affecting several vendors’ web application platforms, including Microsoft’s ASP.NET. This blog post will cover the following: Impact of the vulnerability How to know...
28 Dec 2011
Running in the wild, not for so long
Over the weekend we received a report from our partners about a possible unpatched Internet Explorer vulnerability being exploited in the wild. The exploit code uses a memory corruption bug triggered from a webpage but it deeply leverages a Flash SWF file in order to achieve reliable exploitation and...
11 Jul 2013
MS08-042 : Understanding and detecting a specific Word vulnerability
A few weeks ago we posted a blog entry titled " How to parse the .doc file format ". Today's blog post will show you how to use that information to check whether a .doc file is specially crafted to exploit MS08-042, one of the vulnerabilities addressed by today's security updates. This particular vulnerability...
12 Aug 2008
OffVis updated, Office file format training video created
In July, we released a beta Office file format viewer application called OffVis as a downloadable tool. We are pleased today to announce an updated version of OffVis and a 30 minute training video to help you understand the legacy Office binary file format. OffVis 1.1 The community response to...
14 Sep 2009
ASP.NET security update is live!
Today we released MS11-100 , addressing a newly disclosed denial-of-service vulnerability affecting several vendors’ Web application platforms, including Microsoft’s ASP.NET. Yesterday, we posted an SRD blog describing the vulnerability and the detection and workaround opportunities. With...
29 Dec 2011
How to parse the .doc file format
This past February, Microsoft publicly released the Office binary file formats specification . These describe how to parse Word, Excel, and PowerPoint files to review or extract the content. Because they describe the structure of these file formats in detail, we think the file format specification will...
19 Jul 2008
Announcing OffVis 1.0 Beta
We’ve gotten questions from security researchers and malware protection vendors about the binary file format used by Microsoft Word, PowerPoint, and Excel. The format specification is open and we have spoken at several conferences ( 1 , 2 , 3 ) about detecting malicious docs but we wanted to do more...
1 Aug 2009
New vulnerability in IIS5 and IIS6
This afternoon, the MSRC posted a security advisory describing a newly-disclosed vulnerability in the IIS FTP service that could potentially grant remote code execution to untrusted users. You can find the advisory here . Vulnerability summary The vulnerability is a stack overflow in the FTP service...
2 Sep 2009
© 2014 Microsoft Corporation.
Privacy & Cookies