Sign in
Security Research & Defense
Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance
Connect
Postings are provided "AS IS" with no warranties, and confers no rights.
Get alerts when we update our blog!
Tags
.NET Framework
ActiveX
Adobe
ATL
Attack
Attack Surface Reduction
Attack Vector
authentication bypass
AutoPlay
AutoRun
CanSecWest
classid
clsid
COM
Defense-in-depth
DEP
detection
disassembly
dns
EMET
Exploitability
exploitation
FixIt
Font
full-disclosure
gdiplus
GS
HTML
ICMP
IE
IGMP
IIS
Internet Explorer (IE)
ISATAP
kernel
Killbit
malware
Man-in-the-Middle
Microsoft Office
Mitigations
ModSecurity
MS08-001
MS08-067
MS09-032
MS09-034
MS09-035
MS09-056
MS09-061
MS09-062
MS09-063
MS09-064
MS09-065
MS12-043
MSHTML
msmq
msvidctl
MSXML
MSXML5
multicast group
netmon
network
network capture
network protocol
NTLM
Open XML
phoenix bit
PKI
ProbeForRead
ProbeForWrite
protocol handlers
quartz.dll
rating
registry
Risk Asessment
RPC
safe for initialization
safe for scripting
Schannel
Security Bulletin
Security Science
Security Tools
security zones
SharePoint
signing
SMB
spoofing
SQL
SQL Injection
timing attack
TLS
tools
Visual Studio
win32k.sys
Windows Media components
WINS
Workarounds
XBAP
XSS
XSS Filter
Zero-Day Exploit
Browse by Tags
TechNet Blogs
>
Security Research & Defense
>
All Tags
>
disassembly
Tagged Content List
Blog Post:
Shellcode Analysis via MSEC Debugger Extensions
swiat
In a previous post we provided some background on the !exploitable Crash Analyzer which was released earlier this year. One of the things that we didn’t mention is that !exploitable is just one of the debugger commands exported by the MSEC debugger extension . This extension also contains some additional...
on
5 Jun 2009
Blog Post:
XP SP3 range check hiding an overflow condition?
migrady
We have received a few inquiries about the full disclosure posting http://seclists.org/fulldisclosure/2007/Dec/0470.html , where a range check was added in Windows XP SP3 for the Terminal Server RPC function RpcWinStationEnumerateProcesses. The speculation stated that this change was to hide an overflow...
on
8 Jan 2008
Page 1 of 1 (2 items)