Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Browse by Tags

Related Posts
  • Blog Post: New Internet Explorer vulnerability affecting all versions of IE

    Today we released Security Advisory 2488013 to notify customers of a new publicly-disclosed vulnerability in Internet Explorer (IE). This vulnerability affects all versions of IE. Exploiting this vulnerability could lead to unauthorized remote code execution inside the iexplore.exe process. Proof...
  • Blog Post: Help and Support Center vulnerability full-disclosure posting

    Yesterday evening, one of Google’s security researchers publicly released vulnerability details and a working exploit for an unpatched vulnerability in Windows XP and Windows Server 2003. This afternoon, we’ve released security advisory 2219475 with official guidance. We’d like to use...
  • Blog Post: Internet Explorer Mitigations for ATL Data Stream Vulnerabilities

    IE security update MS09-034 implements two defense-in-depth measures intended to mitigate the threat of attacks which attempt to exploit the Microsoft Active Template Library (ATL) vulnerabilities described in Security Advisory 973882 and MS09-034 . We would like to explain these mitigations in more...
  • Blog Post: Behavior of ActiveX controls embedded in Office documents

    The Microsoft Office applications (Word, Excel, PowerPoint, etc) have built-in ActiveX control support. ActiveX support allows a richer experience when interacting with an Office document. For example, a document author could use the Safe-For-Initialization Office Web Components (OWC) ActiveX control...
  • Blog Post: CVE-2013-3893: Fix it workaround available

    Today, we released a Fix it workaround tool to address a new IE vulnerability that had been actively exploited in extremely limited, targeted attacks. This Fix it makes a minor modification to mshtml.dll when it is loaded in memory to address the vulnerability. This Fix it workaround tool is linked from...
  • Blog Post: Investigating the new PowerPoint issue

    This afternoon, we posted Security Advisory 969136 describing a new vulnerability in PowerPoint while parsing the legacy binary file format. Unfortunately, we discovered this vulnerability being used to deploy malware in targeted attacks. We expect this blog post will: Help you protect your organization...
  • Blog Post: MS08-043 : How to prevent this information disclosure vulnerability

    In this month’s update for Excel we addressed an interesting CVE (CVE-2008-3003) – the first vulnerability to affect the new Open XML file format (but it doesn’t result in code execution). This is an information disclosure vulnerability that can arise when a user makes a data connection from Excel to...
  • Blog Post: MS08-055: Microsoft security response process, behind the scenes

    One of our blogging goals is to give you a peek “behind the scenes” into our security response process. We thought you might be interested in the story behind MS08-055 , this month's OneNote bulletin. In March, a security researcher sent in a report of an information disclosure vulnerability that...
  • Blog Post: Clarification on the various workarounds from the recent IE advisory

    Today Microsoft revised the Workarounds section of Security Advisory 961051 . We wanted to share more detail about the vulnerability and explain the additional workarounds here to help you protect your computers. Information about the vulnerability The vulnerability is caused by memory corruption...
  • Blog Post: More information about the December 2011 ASP.Net vulnerability

    Today, we released Security Advisory 2659883 alerting customers to a newly disclosed denial-of-service vulnerability affecting several vendors’ web application platforms, including Microsoft’s ASP.NET. This blog post will cover the following: Impact of the vulnerability How to know...
  • Blog Post: MS10-001: Font file decompression vulnerability

    MS10-001 addresses a vulnerability (CVE-2010-0018 ) in the LZCOMP de-compressor for Microtype Express Fonts. This blog aims to answer some questions regarding the updates we’ve made in this area. What is the issue? t2embed.dll improperly performs bounds-checking on lengths which are decoded from the...
  • Blog Post: More information on MS12-004

    This month we released MS12-004 to address CVE-2012-0003 and CVE-2012-0004. CVE-2012-0003 The most severe of these vulnerabilities is CVE-2012-0003 which is a Critical, Remote Code Execution vulnerability. This CVE affects all editions of Windows XP, Windows Server 2003, Windows Vista and Windows...
  • Blog Post: MS09-029: Vulnerabilities in the EOT parsing engine

    Today we released MS09-029, which addresses vulnerabilities related to EOT font files. To answer a few commonly asked questions, here is a brief FAQ regarding the update: Q: What is the EOT file format? A: EOT stands for Embedded OpenType Font. EOT support in Microsoft applications has existed for...
  • Blog Post: More information on Security Advisory 2737111

    Today we released Security Advisory 2737111 to describe the way in which vulnerabilities in Oracle’s Outside In technology impact the document preview functionality of Microsoft Exchange Server 2007 and 2010 and FAST Search Server 2010 for SharePoint. In this blog, we would like to discuss the...
  • Blog Post: MS12-083: Addressing a missing certificate revocation check in IP-HTTPS

    MS12-083 is being released to address a Security Feature Bypass, a class of vulnerability for which we do not frequently release security updates. This is the third such instance, with MS12-001 and MS12-032 previously having addressed Security Feature bypasses. The security feature being bypassed in...
  • Blog Post: Details on the New TLS Advisory

    Security Advisory 977377: Vulnerability in TLS Could Allow Spoofing In August of 2009, researchers at PhoneFactor discovered a vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. As the issue is present in the actual TLS/SSL-standard, not only our implementation...
  • Blog Post: Running in the wild, not for so long

    Over the weekend we received a report from our partners about a possible unpatched Internet Explorer vulnerability being exploited in the wild. The exploit code uses a memory corruption bug triggered from a webpage but it deeply leverages a Flash SWF file in order to achieve reliable exploitation and...
  • Blog Post: Is SSL broken? – More about Security Bulletin MS12-006 (previously known as Security Advisory 2588513)

    On January 10 th , Microsoft released MS12-006 in response to a new vulnerability discovered in September in SSL 3.0 and TLS 1.0 . Here we would like to give further information about the technique used to exploit this vulnerability and workaround options Microsoft has released if you discover a compatibility...
  • Blog Post: MS08-076: Windows Media Components: Part 2 of 2

    In this part, we would like to talk more about CVE-2008-3010: ISATAP vulnerability in Windows Media components. As described in the bulletin MS08-076, Windows Media components (Windows Media Player, Windows Media Format Runtime, and Windows Media Services) treat an ISATAP server address as an intranet...
  • Blog Post: Regarding MS11-004, Addressing an IIS FTP Services Vulnerability

    Today we released MS11-004 to address a vulnerability in the Microsoft FTP service an optional component of Internet Information Services (IIS). In this blog, we would like to cover some additional technical details of this vulnerability. First, we want to clarify that the vulnerability lies in the...
  • Blog Post: New workaround included in Security Advisory 2488013

    We have just updated Security Advisory 2488013 for the publicly-disclosed Internet Explorer CSS vulnerability. It now reflects the fact that limited attacks attempting to exploit this vulnerability are present in-the-wild. The advisory also includes a new workaround that can help protect your computers...
  • Blog Post: MS09-019 (CVE-2009-1140): Benefits of IE Protected Mode, additional Network Protocol Lockdown workaround

    Benefits of IE Protected Mode One of the vulnerabilities addressed in MS09-019 , CVE-2009-1140, involves navigating to a local file via a UNC path, ex: \\127.0.0.1\c$. This roundabout way of navigating to a file is necessary to execute local content such that it runs in the Internet Explorer Internet...
  • Blog Post: MS08-068: SMB credential reflection defense

    Today Microsoft released a security update, MS08-068 , which addresses an NTLM reflection vulnerability in the SMB protocol. The vulnerability is rated Important on most operating systems, except Vista and Windows Server 2008 where it has a rating of Moderate. This blog post is intended to explain why...
  • Blog Post: Microsoft "Fix it" available to mitigate Internet Explorer 8 vulnerability

    Today, we are making available a “Microsoft Fix it” solution to block attacks leveraging the Internet Explorer 8 (IE8) vulnerability described in Security Advisory 2847140 . This code-signed, easily downloadable and install-able Fix it package uses the Windows application compatibility toolkit...
  • Blog Post: Update on the SMB vulnerability situation

    We’d like to give everyone an update on the situation surrounding the new Microsoft Server Message Block Version 2 (SMBv2) vulnerability affecting Windows Vista and Windows Server 2008. Easy way to disable SMBv2 First exploit for code execution released to small number of companies Mitigations...