Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » Mitigations   (RSS)
Friday, November 20, 2009 4:09 PM

SEHOP per-process opt-in support in Windows 7

In a previous blog post we discussed the technical details of Structured Exception Handler Overwrite Protection (SEHOP) which is an exploit mitigation feature that was first introduced in Windows Vista SP1 and Windows Server 2008 RTM. SEHOP prevents attackers
Posted by swiblog | (Comments Off)
Monday, October 12, 2009 10:05 AM

Assessing the risk of the October security bulletins

This morning we released 13 security bulletins, our largest release of 2009. Altogether, these bulletins address 34 separate CVEs. We’d like to use this blog post to help you prioritize your deployment of the updates. Prioritization Criteria We’ve provided
Posted by swiblog | (Comments Off)
Friday, September 18, 2009 10:00 AM

Update on the SMB vulnerability situation

We’d like to give everyone an update on the situation surrounding the new Microsoft Server Message Block Version 2 (SMBv2) vulnerability affecting Windows Vista and Windows Server 2008. Easy way to disable SMBv2 First exploit for code execution released
Posted by swiblog | (Comments Off)
Tuesday, September 08, 2009 9:57 AM

Assessing the risk of the September Critical security bulletins

This morning we released five security bulletins , all of them having a bulletin maximum severity rating of Critical and two having a bulletin maximum exploitability index rating of "1" (Consistent exploit code likely). We wanted to just say a few words
Posted by swiblog | (Comments Off)
Tuesday, September 08, 2009 9:55 AM

MS09-048: TCP/IP vulnerabilities

This month we released MS09-048 which addresses three vulnerabilities in the Windows TCP/IP stack. One of the vulnerabilities, CVE-2009-1925, is rated Critical due to the risk of Remote Code Execution (RCE). The other two vulnerabilities are Denial of
Posted by swiblog | (Comments Off)
Tuesday, August 11, 2009 8:39 AM

MS09-036: ASP.NET Denial-of-Service vulnerability

We have released MS09-036 to address an anonymous denial of service (DoS) vulnerability in ASP.NET. We’d like to go into more detail in this blog to help you understand: Which configurations are at risk? What could happen if my configuration is impacted?
Posted by swiblog | (Comments Off)
Tuesday, August 04, 2009 12:33 PM

Preventing the exploitation of user mode heap corruption vulnerabilities

Over the past few months we have discussed a few different defense in depth mitigations (like GS [ pt 1 , pt2 ], SEHOP , and DEP [ pt 1 , pt 2 ]) which are designed to make it harder for attackers to successfully exploit memory safety vulnerabilities
Posted by swiblog | (Comments Off)
Tuesday, July 28, 2009 9:57 AM

Internet Explorer Mitigations for ATL Data Stream Vulnerabilities

IE security update MS09-034 implements two defense-in-depth measures intended to mitigate the threat of attacks which attempt to exploit the Microsoft Active Template Library (ATL) vulnerabilities described in Security Advisory 973882 and MS09-034 . We
Posted by swiblog | (Comments Off)
Friday, June 12, 2009 10:48 AM

Understanding DEP as a mitigation technology part 2

In our previous blog post , we explained how DEP works and how to determine if / how a process opted-in to DEP. Now we will demonstrate how DEP can be used to mitigate the risk of a real-world attack. We published a security advisory in February describing
Posted by swiblog | (Comments Off)
Friday, June 12, 2009 10:30 AM

Understanding DEP as a mitigation technology part 1

We have mentioned DEP in several recent blog posts ( 1 , 2 , 3 , and 4 ). This blog post will answer: What is DEP? How can you enable DEP? What are the risks in enabling different modes of DEP? This is the first of a two-part blog series on DEP as a mitigation
Posted by swiblog | (Comments Off)
Attachment(s): AddProcessParametersFlags - XPSP2.txt
Tuesday, June 09, 2009 10:01 AM

MS09-019 (CVE-2009-1140): Benefits of IE Protected Mode, additional Network Protocol Lockdown workaround

Benefits of IE Protected Mode One of the vulnerabilities addressed in MS09-019 , CVE-2009-1140, involves navigating to a local file via a UNC path, ex: \\127.0.0.1\c$. This roundabout way of navigating to a file is necessary to execute local content such
Posted by swiblog | (Comments Off)
Tuesday, June 09, 2009 9:56 AM

MS09-023: Windows Search and MSHTML Host Apps

Today, we released MS09-023, a bulletin for Windows Search 4.0. It is an information disclosure vulnerability rated as Moderate. We would like to go into more details in this blog to help you understand: What is the attack vector? Why is this vulnerability
Posted by swiblog | (Comments Off)
Tuesday, June 09, 2009 9:48 AM

MS09-024: Lower risk if you have Microsoft Word installed

Today we released bulletin MS09-024 that fixes vulnerabilities in text converters for the Microsoft Works document file format (WPS). Reduced impact if Microsoft Office is installed The Works converters included with Microsoft Word are vulnerable. However,
Posted by swiblog | (Comments Off)
Tuesday, May 26, 2009 10:57 AM

Safe Unlinking in the Kernel Pool

The heap in user mode has a number of different measures built in to make exploiting heap overrun vulnerabilities more challenging. Similar checks have been in debug versions of the kernel pool for some time to aid driver debugging. Windows 7 RC is the
Posted by swiblog | (Comments Off)
Monday, May 18, 2009 4:35 PM

More information about the IIS authentication bypass

Security Advisory 971492 provides official guidance about the new IIS authentication bypass vulnerability. We’d like to go into more detail in this blog to help you understand: Am I at risk? If so, what could happen? How can I protect myself? Which IIS
Posted by swiblog | (Comments Off)
More Posts Next page »
 
Page view tracker