Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » network protocol   (RSS)
Monday, October 12, 2009 7:58 AM

MS09-050: Exploit timeline for the SMB2 RCE vulnerability

This month we are releasing update MS09-050 to address the SMBv2 RCE vulnerability (CVE-2009-3103). Due to the fact that public exploit code exists for this vulnerability, we felt it would be good to summarize the exploit landscape at the time of release,
Posted by swiblog | (Comments Off)
Tuesday, September 08, 2009 9:55 AM

MS09-048: TCP/IP vulnerabilities

This month we released MS09-048 which addresses three vulnerabilities in the Windows TCP/IP stack. One of the vulnerabilities, CVE-2009-1925, is rated Critical due to the risk of Remote Code Execution (RCE). The other two vulnerabilities are Denial of
Posted by swiblog | (Comments Off)
Tuesday, September 01, 2009 5:59 PM

New vulnerability in IIS5 and IIS6

This afternoon, the MSRC posted a security advisory describing a newly-disclosed vulnerability in the IIS FTP service that could potentially grant remote code execution to untrusted users. You can find the advisory here . Vulnerability summary The vulnerability
Posted by swiblog | (Comments Off)
Tuesday, June 09, 2009 10:01 AM

MS09-019 (CVE-2009-1140): Benefits of IE Protected Mode, additional Network Protocol Lockdown workaround

Benefits of IE Protected Mode One of the vulnerabilities addressed in MS09-019 , CVE-2009-1140, involves navigating to a local file via a UNC path, ex: \\127.0.0.1\c$. This roundabout way of navigating to a file is necessary to execute local content such
Posted by swiblog | (Comments Off)
Tuesday, June 09, 2009 9:23 AM

MS09-026: How a developer can know if their RPC interface is affected

Today we are releasing MS09-026 which fixes a vulnerability in the Microsoft Windows RPC (Remote Procedure Call) NDR20 marshalling engine. This component is responsible for preparing data to be sent over the network and then translating it back to what
Posted by swiblog | (Comments Off)
Tuesday, April 14, 2009 9:57 AM

MS09-013 and MS09-014: NTLM Credential Reflection Updates for HTTP clients

This month we are taking another step towards blocking NTLM reflection attacks by releasing MS09-014 for Internet Explorer and MS09-013 for Windows. This is the third update related to NTLM credential reflection we have released, and I thought it would
Posted by swiblog | (Comments Off)
Tuesday, November 11, 2008 10:40 AM

MS08-068: SMB credential reflection defense

Today Microsoft released a security update, MS08-068 , which addresses an NTLM reflection vulnerability in the SMB protocol. The vulnerability is rated Important on most operating systems, except Vista and Windows Server 2008 where it has a rating of
Posted by swiblog | (Comments Off)
Tuesday, July 08, 2008 10:00 AM

MS08-037 : More entropy for the DNS resolver

We released security bulletin MS08-020 two months ago to improve the DNS transaction ID entropy. You can read more about the MS08-020 algorithm change in this blog entry . Increasing the entropy makes it more difficult for attackers to spoof DNS replies.
Posted by swiblog | (Comments Off)
Tuesday, June 10, 2008 11:52 AM

MS08-036: PGM? What is PGM?

This morning we released MS08-036 to fix two denial-of-service vulnerabilities in the Windows implementation of the Pragmatic General Multicast (PGM) protocol ( RFC 3208 ). You probably have never heard of PGM. Only one engineer on our team had ever heard
Posted by swiblog | (Comments Off)
 
Page view tracker