Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » protocol handlers   (RSS)
Tuesday, June 09, 2009 10:01 AM

MS09-019 (CVE-2009-1140): Benefits of IE Protected Mode, additional Network Protocol Lockdown workaround

Benefits of IE Protected Mode One of the vulnerabilities addressed in MS09-019 , CVE-2009-1140, involves navigating to a local file via a UNC path, ex: \\127.0.0.1\c$. This roundabout way of navigating to a file is necessary to execute local content such
Posted by swiblog | (Comments Off)
Tuesday, December 09, 2008 10:06 AM

MS08-075: Reducing attack surface by turning off protocol handlers

Today Microsoft released a security update, MS08-075, that fixes a vulnerability in Windows Explorer in Vista and Server 2008 that was exposed through the search-ms protocol handler. This is a remote unauthenticated vulnerability that requires user interaction,
Posted by swiblog | (Comments Off)
Attachment(s): Protocol Handler Scripts.zip
Tuesday, September 09, 2008 9:56 AM

MS08-055: Microsoft security response process, behind the scenes

One of our blogging goals is to give you a peek “behind the scenes” into our security response process. We thought you might be interested in the story behind MS08-055 , this month's OneNote bulletin. In March, a security researcher sent in a report of
Posted by swiblog | (Comments Off)
Tuesday, March 11, 2008 1:40 PM

MS08-015: Protocol Handler and its Default Security Zone

MS08-015, CVE-2008-0110, addresses a vulnerability in Microsoft Outlook’s implementation of “mailto” URI handling. The attack can be launched via IE or other applications which invoke the “mailto” protocol. Applications can register pluggable protocol
Posted by swiblog | (Comments Off)
 
Page view tracker