Security Research & Defense

Browse by Tags

All Tags » rating (RSS)

Monday, October 12, 2009 10:05 AM

Assessing the risk of the October security bulletins

This morning we released 13 security bulletins, our largest release of 2009. Altogether, these bulletins address 34 separate CVEs. We’d like to use this blog post to help you prioritize your deployment of the updates. Prioritization Criteria We’ve provided

Posted by swiblog | (Comments Off)

Filed under: Mitigations, rating, Attack Vector, Exploitability, Risk Asessment

Tuesday, September 08, 2009 9:57 AM

Assessing the risk of the September Critical security bulletins

This morning we released five security bulletins , all of them having a bulletin maximum severity rating of Critical and two having a bulletin maximum exploitability index rating of "1" (Consistent exploit code likely). We wanted to just say a few words

Posted by swiblog | (Comments Off)

Filed under: Mitigations, rating, Attack Vector, Exploitability, Risk Asessment, Defense-in-depth, DEP

Tuesday, September 08, 2009 9:55 AM

MS09-048: TCP/IP vulnerabilities

This month we released MS09-048 which addresses three vulnerabilities in the Windows TCP/IP stack. One of the vulnerabilities, CVE-2009-1925, is rated Critical due to the risk of Remote Code Execution (RCE). The other two vulnerabilities are Denial of

Posted by swiblog | (Comments Off)

Filed under: Mitigations, rating, network protocol, Exploitability, Risk Asessment

Tuesday, June 09, 2009 9:56 AM

MS09-023: Windows Search and MSHTML Host Apps

Today, we released MS09-023, a bulletin for Windows Search 4.0. It is an information disclosure vulnerability rated as Moderate. We would like to go into more details in this blog to help you understand: What is the attack vector? Why is this vulnerability

Posted by swiblog | (Comments Off)

Filed under: Mitigations, rating, Risk Asessment, MSHTML

Tuesday, April 14, 2009 9:59 AM

Prioritizing the deployment of the April security bulletins

We just released eight security bulletins , five of which are rated Critical on at least one platform. We built a reference table of bulletin severity rating, exploitability index rating , and attack vectors. This table is sorted first by bulletin severity,

Posted by swiblog | (Comments Off)

Filed under: rating, Attack Vector, Exploitability, Risk Asessment

Friday, January 09, 2009 12:24 PM

MS09-001: Prioritizing the deployment of the SMB bulletin

This month we released an update for SMB that addresses three vulnerabilities. This blog post provides additional information that might help prioritize the deployment of this update, and help explain the risk for code execution. In the bulletin you will

Posted by swiblog | (Comments Off)

Filed under: SMB, rating, kernel, Exploitability

Tuesday, November 11, 2008 10:40 AM

MS08-068: SMB credential reflection defense

Today Microsoft released a security update, MS08-068 , which addresses an NTLM reflection vulnerability in the SMB protocol. The vulnerability is rated Important on most operating systems, except Vista and Windows Server 2008 where it has a rating of

Posted by swiblog | (Comments Off)

Filed under: Mitigations, Workarounds, signing, SMB, rating, network protocol

Tuesday, October 14, 2008 10:50 AM

Bulletin severity for October bulletins

Bulletin severity is an interesting topic to many blog readers. We often hear that you think a bulletin should be rated higher or lower. Sometimes we even hear one person suggesting a higher rating and another suggesting a lower rating for the same issue.

Posted by swiblog | (Comments Off)

Filed under: Security Bulletin, rating, Killbit, security zones, Exploitability

Tuesday, September 09, 2008 9:56 AM

MS08-055: Microsoft security response process, behind the scenes

One of our blogging goals is to give you a peek “behind the scenes” into our security response process. We thought you might be interested in the story behind MS08-055 , this month's OneNote bulletin. In March, a security researcher sent in a report of

Posted by swiblog | (Comments Off)

Filed under: Workarounds, rating, protocol handlers

Wednesday, August 13, 2008 1:00 PM

MS08-049 : When kind of authentication is needed?

MS08-049 is an update for the Windows Event System service to correct an authenticated elevation-of-privilege vulnerability. We received a question via email yesterday about the type of authentication needed to exploit CVE-2008-1456. Our security bulletin

Posted by swiblog | (Comments Off)

Filed under: Mitigations, Security Bulletin, rating, COM

Wednesday, April 09, 2008 9:01 AM

MS08-023: Same bug, four different security bulletin ratings

Security bulletin MS08-023 addressed two ActiveX control vulnerabilities, one in a Visual Studio ActiveX control and another in a Yahoo!’s Music Jukebox ActiveX control. The security update sets the killbit for both controls. For more about how the killbit

Posted by swiblog | (Comments Off)

Filed under: Security Bulletin, rating, Internet Explorer (IE), ActiveX, Killbit, classid

Tuesday, January 08, 2008 1:23 PM

MS08-001 - The case of the Moderate, Important, and Critical network vulnerabilities

Security bulletin MS08-001 addresses vulnerabilities described by two separate CVE numbers, as you can see in the bulletin. This post provides an overview of the two issues, the affected platforms and notes on the severity. We’ll be following this post

Posted by migrady | (Comments Off)

Filed under: MS08-001, IGMP, ICMP, rating