Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » Internet Explorer (IE)   (RSS)
Tuesday, November 10, 2009 10:00 AM

Font Directory Entry Parsing Vulnerability In win32k.sys

MS09-065 addresses a vulnerability (CVE-2009-2514) in the font parsing subsystem of win32k.sys. If not addressed, this vulnerability could allow an attacker to bluescreen (DoS) the machine (best case scenario) or run code of his/her choice, possibly in
Posted by swiblog | (Comments Off)
Tuesday, July 28, 2009 10:00 AM

Overview of the out-of-band release

Today we released Security Advisory 973882 and with it, two out-of-band security bulletins. These updates are MS09-034 (an Internet Explorer update) and MS09-035 (a Visual Studio update). At this time for customers who have applied MS09-032 we are not
Posted by swiblog | (Comments Off)
Tuesday, July 28, 2009 9:57 AM

Internet Explorer Mitigations for ATL Data Stream Vulnerabilities

IE security update MS09-034 implements two defense-in-depth measures intended to mitigate the threat of attacks which attempt to exploit the Microsoft Active Template Library (ATL) vulnerabilities described in Security Advisory 973882 and MS09-034 . We
Posted by swiblog | (Comments Off)
Tuesday, July 28, 2009 9:53 AM

ATL vulnerability developer deep dive

This morning we released MS09-035 to address ATL vulnerabilities in Visual Studio. This blog post will help you answer the following questions: What are the ATL vulnerabilities? Which versions of ATL are vulnerable? How can I tell if my ActiveX control
Posted by swiblog | (Comments Off)
Tuesday, July 28, 2009 9:50 AM

MSVIDCTL (MS09-032) and the ATL vulnerability

Today we have released Security Advisory 973882 that describes vulnerabilities in the Microsoft Active Template Library (ATL), as well as security updates for Internet Explorer ( MS09-034 ) and Visual Studio ( MS09-035 ). The Visual Studio update addresses
Posted by swiblog | (Comments Off)
Tuesday, June 09, 2009 10:01 AM

MS09-019 (CVE-2009-1140): Benefits of IE Protected Mode, additional Network Protocol Lockdown workaround

Benefits of IE Protected Mode One of the vulnerabilities addressed in MS09-019 , CVE-2009-1140, involves navigating to a local file via a UNC path, ex: \\127.0.0.1\c$. This roundabout way of navigating to a file is necessary to execute local content such
Posted by swiblog | (Comments Off)
Tuesday, June 09, 2009 9:59 AM

MS09-019 (CVE-2009-1532): The "pwn2own" vulnerability

IE8 behavior notes MS09-019 contains the fix for the IE8 vulnerability responsibly disclosed by Nils at the CanSecWest pwn2own competition (CVE-2009-1532). Nils exploited this vulnerability on an IE8 build that did allow .NET assemblies to load in the
Posted by swiblog | (Comments Off)
Thursday, May 28, 2009 10:21 AM

New vulnerability in quartz.dll Quicktime parsing

Recently, we found a remote code execution vulnerability in Microsoft’s DirectShow platform (quartz.dll) when processing the QuickTime format. We have released advisory 971778 providing guidance to help protect customers. We’d like to go into more detail
Posted by swiblog | (Comments Off)
Tuesday, April 14, 2009 9:58 AM

MS09-014: Addressing the Safari Carpet Bomb vulnerability

Following up on Security Advisory 953818 , today we released MS09-014 , rated as Moderate, which addresses aspects of the Safari Carpet Bomb vulnerability. On a Windows operating system this vulnerability allows an attacker, through Safari, to drop arbitrary
Posted by swiblog | (Comments Off)
Friday, April 03, 2009 7:52 AM

The MSHTML Host Security FAQ: Part II of II

MSHTML, a.k.a. Trident, is the Internet Explorer browser rendering engine. MSHTML is a great solution for rendering HTML content, either in the context of a web browser, or simply to display rich UI in an application. You are likely not even aware of
Posted by swiblog | (Comments Off)
Thursday, April 02, 2009 3:34 PM

The MSHTML Host Security FAQ: Part I of II

MSHTML, a.k.a. Trident, is the Internet Explorer browser rendering engine. MSHTML is a great solution for rendering HTML content, either in the context of a web browser, or simply to display rich UI in an application. You are likely not even aware of
Posted by swiblog | (Comments Off)
Monday, March 23, 2009 11:35 AM

Released build of Internet Explorer 8 blocks Dowd/Sotirov ASLR+DEP .NET bypass

Last summer at BlackHat Vegas, Alexander Sotirov and Mark Dowd outlined several clever ways to bypass the Windows Vista defense-in-depth protection combination of DEP and ASLR in attacks targeting Internet Explorer. One approach they presented allowed
Posted by swiblog | (Comments Off)
Tuesday, March 03, 2009 10:36 AM

Behavior of ActiveX controls embedded in Office documents

The Microsoft Office applications (Word, Excel, PowerPoint, etc) have built-in ActiveX control support. ActiveX support allows a richer experience when interacting with an Office document. For example, a document author could use the Safe-For-Initialization
Posted by swiblog | (Comments Off)
Friday, January 30, 2009 12:44 PM

XSS Filter Improvements in IE8 RC1

On Monday IE8 RC1 was released . Here are some of the most interesting improvements and bug fixes to the XSS Filter feature: Some byte sequences enabled the filter to be bypassed, depending on system locale URLs containing certain byte sequences bypassed
Posted by swiblog | (Comments Off)
Wednesday, January 28, 2009 3:20 PM

Stack overflow (stack exhaustion) not the same as stack buffer overflow

Periodically we get reports into the MSRC of stack exhaustion in client-side applications such as Internet Explorer, Word, etc. These are valid stability bugs that, fortunately, do not lead to an exploitable condition by itself (no potential for elevation
Posted by swiblog | (Comments Off)
More Posts Next page »
 
Page view tracker