Security Research & Defense

Browse by Tags

All Tags » Attack Vector (RSS)

Monday, October 12, 2009 10:05 AM

Assessing the risk of the October security bulletins

This morning we released 13 security bulletins, our largest release of 2009. Altogether, these bulletins address 34 separate CVEs. We’d like to use this blog post to help you prioritize your deployment of the updates. Prioritization Criteria We’ve provided

Posted by swiblog | (Comments Off)

Filed under: Mitigations, rating, Attack Vector, Exploitability, Risk Asessment

Monday, October 12, 2009 7:36 AM

MS09-054: Extra info on the attack surface for the IE security bulletin

MS09-054 addresses an IE vulnerability (CVE-2009-2529), which was discovered and presented by Mark Dowd, Ryan Smith, and David Dewey at the BlackHat conference in July. First we’d like to make it clear that any customers that have applied the update associated

Posted by swiblog | (Comments Off)

Filed under: Workarounds, Attack Vector, XBAP, MS09-054

Monday, October 12, 2009 7:30 AM

MS09-061: More information about the .NET security bulletin

MS09-061 fixes vulnerabilities in the .NET Framework which could allow malicious .NET applications execute arbitrary native code, resulting in remote code execution. This post is intended to help clarify the attack vectors for these vulnerabilities, and

Posted by swiblog | (Comments Off)

Filed under: Workarounds, Attack Vector, MS09-061, XBAP, .NET Framework

Tuesday, September 08, 2009 9:57 AM

Assessing the risk of the September Critical security bulletins

This morning we released five security bulletins , all of them having a bulletin maximum severity rating of Critical and two having a bulletin maximum exploitability index rating of "1" (Consistent exploit code likely). We wanted to just say a few words

Posted by swiblog | (Comments Off)

Filed under: Mitigations, rating, Attack Vector, Exploitability, Risk Asessment, Defense-in-depth, DEP

Tuesday, July 14, 2009 9:09 AM

MS09-029: Vulnerabilities in the EOT parsing engine

Today we released MS09-029, which addresses vulnerabilities related to EOT font files. To answer a few commonly asked questions, here is a brief FAQ regarding the update: Q: What is the EOT file format? A: EOT stands for Embedded OpenType Font. EOT support

Posted by swiblog | (Comments Off)

Filed under: Workarounds, Attack Vector, Risk Asessment

Tuesday, April 14, 2009 9:59 AM

Prioritizing the deployment of the April security bulletins

We just released eight security bulletins , five of which are rated Critical on at least one platform. We built a reference table of bulletin severity rating, exploitability index rating , and attack vectors. This table is sorted first by bulletin severity,

Posted by swiblog | (Comments Off)

Filed under: rating, Attack Vector, Exploitability, Risk Asessment

Tuesday, April 14, 2009 9:58 AM

MS09-014: Addressing the Safari Carpet Bomb vulnerability

Following up on Security Advisory 953818 , today we released MS09-014 , rated as Moderate, which addresses aspects of the Safari Carpet Bomb vulnerability. On a Windows operating system this vulnerability allows an attacker, through Safari, to drop arbitrary

Posted by swiblog | (Comments Off)

Filed under: Attack Vector, Internet Explorer (IE), blended threat, Defense-in-depth

Tuesday, April 14, 2009 9:56 AM

MS09-012: Fixing “Token Kidnapping”

This morning we released MS09-012, an update to address the publicly-disclosed issue commonly referred to as Token Kidnapping ( http://www.argeniss.com/research/TokenKidnapping.pdf ). This vulnerability allows escalation from the Network Service account

Posted by swiblog | (Comments Off)

Filed under: Attack Vector, Risk Asessment

Monday, October 13, 2008 5:16 PM

Service isolation explanation

The past few days, we have had service isolation on our minds here in Redmond after the POC code posting last week from Cesar Cerrudo. Nazim Lala from the IIS team posted a great blog entry about the fix and why it is taking so long to release it. I expect

Posted by swiblog | (Comments Off)

Filed under: Mitigations, Attack Vector

Thursday, June 05, 2008 10:00 AM

Why there won't be a security update for WkImgSrv.dll

Recently, there was a public post in milw0rm ( http://www.milw0rm.com/exploits/5530 ), talking about an issue in the ActiveX control of Microsoft Works 7 WkImgSrv.dll. The PoC claims that it would achieve remote code execution. McAfee Avert Labs Blog

Posted by swiblog | (Comments Off)

Filed under: Mitigations, Attack Vector, ActiveX, Killbit, clsid

Thursday, January 10, 2008 5:00 PM

MS08-001 - The case of the missing Windows Server 2003 attack vector

Part 3 of our MS08-001 blog post series mentioned that Windows Server 2003 does not expose an attack vector to the vulnerable IGMP code execution vulnerability by default. Windows XP and Vista enable UPnP (Universal Plug-and-Play) which exposes an attack vector to the vulnerable code but Windows Server 2003 does not enable UPnP. As a result, the WS03 machine will ignore IGMP messages received from the network [read more on the blog]...

Posted by migrady | (Comments Off)

Filed under: IGMP, Attack Vector, UPnP, multicast group, netsh