Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Browse by Tags

Related Posts
  • Blog Post: MS10-007: Additional information and recommendations for developers

    Today we are releasing MS10-007 to address a URL validation issue generally applicable to the ShellExecute API. How would a malicious user leverage this vulnerability? This issue involves how ShellExecute handles strings that appear to be legitimate URLs, but are malformed such that they result...