Skip to main content
MSRC

Month Archives: November 2012

Announcing BlueHat v12

Wednesday, November 21, 2012

The days are getting shorter, the holidays are getting nearer, and looming on the horizon are a trio of 12’s – it’s almost time for the 12th BlueHat Conference, on tap for the twelfth month of 2012. We have a terrific lineup of speakers from both inside and outside the company; there’s nothing much we can do about the weather in Seattle in mid-December, but indoors we have compelling work to do on making the cloud, mobile devices, the Internet, and the rest of the computing ecosystem, safer for customers.

November 2012 Security Bulletin Webcast, Q&A, and Slide Deck

Thursday, November 15, 2012

Hello, Today we’re publishing the November 2012 Security Bulletin Webcast Questions & Answers page. During the webcast, we fielded ten questions focusing primarily Windows RT, Windows 8, and Windows Server 2012 detection and deployment, MS12-072 (Windows Shell), and MS12-073 (IIS). All questions are included on the Q&A page. We invite our customers to join us for the next public webcast on Wednesday, December 12th at 11 a.

MS12-074: Addressing a vulnerability in WPAD’s PAC file handling

Tuesday, November 13, 2012

Today we released MS12-074, addressing a Critical class vulnerability in the .NET Framework that could potentially allow remote code execution with no user interaction. This particular CVE, CVE-2012-4776, could allow an attacker on a local network to host a malicious WPAD PAC file containing script code which could be executed on a victim machine without requiring any type of authentication or user interaction.