Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Browse by Tags

Related Posts
  • Blog Post: MS07-063 - The case of the insecure signature

    MS07-063 addresses a weakness in the SMBv2 message signing algorithm. SMB signing is a feature enabled by default on domain controllers to prevent man-in-the-middle attacks. As you can imagine, if an attacker on your local subnet can tamper with the SMB network traffic between your domain controller...
  • Blog Post: MS12-074: Addressing a vulnerability in WPAD’s PAC file handling

    Today we released MS12-074 , addressing a Critical class vulnerability in the .NET Framework that could potentially allow remote code execution with no user interaction. This particular CVE, CVE-2012-4776, could allow an attacker on a local network to host a malicious WPAD PAC file containing script...
  • Blog Post: MS12-054: Not all remote, pre-auth vulnerabilities are equally appetizing for worms..

    We released security update MS12-054 to address four privately reported issues in Windows networking components failing to properly handle malformed Remote Administration Protocol (RAP) responses. The most severe of these issues, CVE-2012-1851, is a format string vulnerability in the printer spooler...
  • Blog Post: MS10-061: Printer Spooler Vulnerability

    This morning we released security bulletin MS10-061 to address an issue in the Windows print spooler. In this blog post, we’d like to provide additional detail about the specific configurations of Windows that are vulnerable to this issue and more background on its connection to the Stuxnet malware...
  • Blog Post: Assessing the exploitability of MS11-083

    This month we released MS11-083 to address an externally found reference counter issue in TCP/IP stack. Here we would like to give further information about the exploitability of this vulnerability. Vulnerability The vulnerability presents itself in the specific scenario where an attacker can send a...