Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Browse by Tags

Related Posts
  • Blog Post: XP SP3 range check hiding an overflow condition?

    We have received a few inquiries about the full disclosure posting http://seclists.org/fulldisclosure/2007/Dec/0470.html , where a range check was added in Windows XP SP3 for the Terminal Server RPC function RpcWinStationEnumerateProcesses. The speculation stated that this change was to hide an overflow...
  • Blog Post: MS09-026: How a developer can know if their RPC interface is affected

    Today we are releasing MS09-026 which fixes a vulnerability in the Microsoft Windows RPC (Remote Procedure Call) NDR20 marshalling engine. This component is responsible for preparing data to be sent over the network and then translating it back to what the server or client application uses. NDR20 is...
  • Blog Post: MS08-065 : Exploitable for remote code execution?

    Today, we released MS08-065 to fix an issue in MSMQ. You’ll notice that the bulletin was rated “Important” and indicates that remote code execution is possible. However, we would like to show you that in practice the severity of the fixed issue is limited only to information disclosure. If the MSMQ...
  • Blog Post: Most common questions that we've been asked regarding MS08-067

    Since the release we have received several great questions regarding MS08-067 ( http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx ), thus we decided to compile answers for them. We still want to encourage everyone to apply the update. Can the vulnerability be reached through RPC...
  • Blog Post: More detail about MS08-067, the out-of-band netapi32.dll security update

    Today Microsoft released a security update that fixes a remote code execution vulnerability in the Windows Server Service. This is a serious vulnerability and we have seen targeted attacks using this vulnerability to compromise fully-patched Windows XP and Windows Server 2003 computers so we have released...
  • Blog Post: MS08-059 : Running Microsoft Host Integration Server 2006 as non-admin

    Microsoft Host Integration Server 2006 is an interesting product. It allows developers to manage business processes on IBM mainframe and AS/400 (big iron) servers as XML web services. You can find a free trial version available for download at http://www.microsoft.com/hiserver/downloads/default.mspx...