2013/02 | Microsoft Security Response Center

EMET 3.0 support is now available for enterprise customers

Tuesday, February 12, 2013

We are pleased to announce that as of today customers with access to Microsoft Services Premier and Professional Support can receive EMET related technical assistance. This is an important step for us to better support professional and enterprise customers and answer questions related to EMET deployment, configuration, and troubleshooting. The support will be fee based.

EMET

MS13-018: Hard to let go

Tuesday, February 12, 2013

MS13-018 addresses a potential denial-of-service condition in the Windows TCP/IP stack. This vulnerability could be leveraged by an attacker in certain circumstances to exhaust a server’s non paged pool, preventing it from making new TCP connections. The vulnerability is as follows: A Windows victim machine has a TCP/IP connection in an ESTABLISHED state to a remote attacker machine, and the Windows victim machine (not the attacker machine) sends a FIN packet to the remote attacker machine to initiate the connection teardown sequence, as outlined in RFC 793.

Network protocol

Introducing ModSecurity IIS 2.7.2 Stable Release

Monday, February 11, 2013

We are pleased to announce the release of a stable version of the open source web application firewall module ModSecurity IIS 2.7.2. Since the announcement of availability of the beta version in July 2012, we have been working very hard to bring the quality of the module to meet the enterprise class product requirements.

2013 年 2 月 13 日のセキュリティリリース予定 (月例)

Thursday, February 07, 2013

2013 年 2 月の月例セキュリティリリースの事前通知を公開しました。2013 年 2 月 13 日に公開を予定している新

セキュリティ情報

Advance Notification Service for the February 2013 Security Bulletin Release

Thursday, February 07, 2013

We’re kicking off the February 2013 Security Bulletin Release with Advance Notification of 12 bulletins for release Tuesday, February 12. This release brings five Critical and seven Important-class bulletins, which address 57 unique vulnerabilities. The Critical-rated bulletins address issues in Microsoft Windows, Internet Explorer and Exchange Software. The Important-rated bulletins address issues in Microsoft Windows, Office, .

Security Advisory 2755801 revised to address Adobe Flash Player issues (Feb. 7, 2013)

Thursday, February 07, 2013

Today we revised Security Advisory 2755801 to address issues in Adobe Flash Player in Internet Explorer 10 on Windows 8, this revision was released in conjunction with Adobe’s update process. Customers who have automatic updates enabled will not need to take any action because protections will be downloaded and installed automatically.