Month Archives: June 2010

MS10-035: Cross-Domain Information Disclosure Vulnerability

Tuesday, June 08, 2010

Today we released MS10-035, a security update with an Important severity update, addressing CVE-2010-0255. We’d like to talk briefly about that specific vulnerability and how we’ve addressed it. Background information This issue primarily impacts Internet Explorer running on Windows XP. Attacks against Internet Explorer running on Windows Vista and newer platforms are mitigated by Internet Explorer Protected Mode.

• Cross-Domain
• IE
• Internet Explorer (IE)
• Mitigations
• Protected Mode IE

MS10-041: XML Signature HMAC Truncation Bypass Vulnerability

Tuesday, June 08, 2010

Today we released MS10-041 addressing an issue in the implementation of the XML signature functionality in the .NET Framework with an Important severity rating. We’d like to shed more light on that case here. Am I at risk? No Microsoft products are subject to this vulnerability. However, .NET applications that use the System.

• .NET Framework
• PowerShell
• Risk Asessment
• Visual Studio
• XML

2010年6月9日のセキュリティリリース予定 (月例)

Thursday, June 03, 2010

2010 年 6 月 9 日に予定している月例のセキュリティリリースについてのお知らせです。 公開を予定しているセキュ

June 2010 Security Bulletin Advance Notification

Thursday, June 03, 2010

Hi everyone, Today we published our advance notification for the June security bulletin release, scheduled for release next Tuesday, June 8. This month’s release includes ten bulletins addressing 34 vulnerabilities. Six of the bulletins affect Windows; of those, two carry a Critical severity rating and four are rated Important. Two bulletins, both with a severity rating of Important, affect Microsoft Office.

• Internet Explorer (IE)
• Microsoft Office
• Microsoft Windows
• Security Bulletin
• Security Update

Security Wars: エピソード 2 - 2-3. パトリオット ハッカーの犯罪に対する処罰

Wednesday, June 02, 2010

Security Wars を更新しました。 Security Wars: エピソード 2 - 2-3. パトリオット ハッカーの犯罪に対する処罰 http://technet.microsoft.com/ja-jp/security/ff720102.aspx 愛国的な行動と称して