Browse by Tags

We have updated Security Advisory 2847140 to include an easy, one-click Fix it to address the known attack vectors. The Fix it is available to all customers and helps prevent known attacks that leverage the vulnerability to execute code and should not ...read more

Today, we released Security Advisory 2847140 regarding an issue that impacts Internet Explorer 8. Internet Explorer 6, 7, 9 and 10 are not affected by the vulnerability. This issue allows remote code execution if users browse to a malicious website with ...read more

Today we revised Security Advisory 2755801 to address issues in Adobe Flash Player in Internet Explorer 10 on Windows 8. This advisory revision was released in conjunction with Adobe’s update process. Customers who have automatic updates enabled ...read more

Today we revised Security Advisory 2755801 to address issues in Adobe Flash Player in Internet Explorer 10 on Windows 8, this revision was released in conjunction with Adobe’s update process. Customers who have automatic updates enabled will not ...read more

We have updated Security Advisory 2749920 to include the Fix it we discussed in Saturday’s blog post . This easy, one-click Fix it is available to everyone and prevents the vulnerability from being used for code execution without affecting your ...read more

Today, we released Security Advisory 2794220 regarding an issue that impacts Internet Explorer 6, 7, and 8. We are only aware of a very small number of targeted attacks at this time. This issue allows remote code execution if users browse to a malicious ...read more

Happy holidays! I hope everyone is enjoying the festive season. I like to get my holiday shopping done early, and this year was no exception. In the middle of my holiday shopping last week, as I passed my cash from one store to the next, I was reminded ...read more

Today, in conjunction with Adobe’s update process, we have revised Security Advisory 2755801 to address issues in Adobe Flash Player in Internet Explorer 10. Customers who have automatic updates enabled will not need to take any action because protections ...read more

Today we revised Security Advisory 2755801 to address issues in Adobe Flash Player in Internet Explorer 10, in conjunction with Adobe’s update process. Customers who have automatic updates enabled will not need to take any action because protections ...read more

Today we released Security Advisory 2755801 that addresses vulnerabilities in Adobe Flash Player in Internet Explorer 10 on Windows 8. The majority of customers have automatic updates enabled and will not need to take any action because protections will ...read more

We will release a Fix it in the next few days to address an issue in Internet Explorer, as outlined in the Security Advisory 2757760 that we released yesterday. While we have only seen a few attempts to exploit the issue, impacting an extremely ...read more

Today we released Security Advisory 2757760 to address an issue that affects Internet Explorer 9 and earlier versions if a user views a website hosting malicious code. Internet Explorer 10 is not affected. We have received reports of only a small number ...read more

Security Advisory 2661254 - Update For Minimum Certificate Key Length Before we get into the details of this month’s bulletin release, let’s take a look at an important change on how Windows deals with certificates that have RSA keys of less ...read more

Hello – Today we published Security Advisory 2737111, which provides mitigations and workarounds that will help protect customers from a known vulnerability in one of Oracle’s Outside In libraries, which were updated earlier this month ...read more

During our regular Update Tuesday bulletin cycle this week, we released Security Advisory 2719615 , which provides guidance concerning a remote code execution issue affecting MSXML Code Services. As part of that Advisory, we've built a Fix it workaround ...read more

Hi everyone, Today we released Security Advisory 2639568 to provide customer guidance for the Windows kernel issue related to the Duqu malware. I would like to provide you information on how to protect your system(s), how we are addressing the issue ...read more

Hello. Today we released Security Advisory 2588513 , addressing an information-disclosure issue in SSL (Secure Sockets Layer) 3.0 and TLS (Transport Layer Security) 1.0 to provide guidance for customers. This is an industry-wide issue with limited impact ...read more

Hello all -- Today, as part of our usual monthly bulletin cadence, we are providing our Advance Notification Service for March's security bulletins. This month we'll release three bulletins, one of them rated Critical and two rated Important, addressing ...read more

Just and FYI that we’ve released Microsoft Security Advisory 972890 . This discusses new, limited attacks against a Microsoft Video ActiveX Control affecting Windows XP and Windows Server 2003.  From the source: “…our investigation has shown that there are no by-design uses for this ActiveX Control...

In case you somehow caught a sudden case of amnesia and forgot that we were releasing the June security bulletins yesterday you’re in luck – The Microsoft Security Response Center team just posted details on everything you need to know about what the updates do and considerations to take into account...

Just a heads up that tomorrow, June 9 at 10:00 a.m. Pacific, we will be releasing a total of 10 security bulletins consisting of the following: Six updates affecting Windows. Two Critical, three Important, and one Moderate. One Critical update affecting Internet Explorer. One Critical...

Just and FYI that we’ve released Microsoft Security Advisory 971778 . This discusses a new vulnerability in Microsoft DirectShow affecting Windows 2000, Windows XP and Windows Server 2003 that is under limited attack. The advisory outlines information about the vulnerability and steps customers can take...

Actually this was last evening but in case you missed it here are the details from the MSRC blog: This advisory contains information regarding public reports of a vulnerability in Microsoft Internet Information Services (IIS) that could allow Elevation of Privilege. Products affected are IIS 5.0, IIS...

In case you missed it on Friday, the folks over at the MSRC blog posted their webcast Question and Answer session to the web.  In the May 2009 security bulletin webcast they addressed several questions relating to MS09-017 in addition to questions about WSUS and MBSA. For those questions that came...

Just saw this on the MSRC blog and thought I’d give everyone a heads up: Today we released one security bulletin, MS09-017 , affecting our PowerPoint products. This update addresses several vulnerabilities including the issue described in Microsoft Security Advisory 969136 . In that advisory, we noted...