Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Browse by Tags

Related Posts
  • Blog Post: Help and Support Center vulnerability full-disclosure posting

    Yesterday evening, one of Google’s security researchers publicly released vulnerability details and a working exploit for an unpatched vulnerability in Windows XP and Windows Server 2003. This afternoon, we’ve released security advisory 2219475 with official guidance. We’d like to use...
  • Blog Post: MS08-055: Microsoft security response process, behind the scenes

    One of our blogging goals is to give you a peek “behind the scenes” into our security response process. We thought you might be interested in the story behind MS08-055 , this month's OneNote bulletin. In March, a security researcher sent in a report of an information disclosure vulnerability that...
  • Blog Post: MS09-019 (CVE-2009-1140): Benefits of IE Protected Mode, additional Network Protocol Lockdown workaround

    Benefits of IE Protected Mode One of the vulnerabilities addressed in MS09-019 , CVE-2009-1140, involves navigating to a local file via a UNC path, ex: \\127.0.0.1\c$. This roundabout way of navigating to a file is necessary to execute local content such that it runs in the Internet Explorer Internet...
  • Blog Post: MS08-015: Protocol Handler and its Default Security Zone

    MS08-015, CVE-2008-0110, addresses a vulnerability in Microsoft Outlook’s implementation of “mailto” URI handling. The attack can be launched via IE or other applications which invoke the “mailto” protocol. Applications can register pluggable protocol handlers to handle a custom Uniform Resource Locator...
  • Blog Post: MS08-075: Reducing attack surface by turning off protocol handlers

    Today Microsoft released a security update, MS08-075, that fixes a vulnerability in Windows Explorer in Vista and Server 2008 that was exposed through the search-ms protocol handler. This is a remote unauthenticated vulnerability that requires user interaction, so we wanted to give you a bit more information...
  • Blog Post: More information about the MHTML Script Injection vulnerability

    Today we released Security Advisory 2501696 to alert customers to a publicly disclosed vulnerability in the MHTML protocol handler. This vulnerability could allow attackers to construct malicious links pointing to HTML documents that, when clicked, would render the targeted document and reflected script...