Month Archives: May 2013

Advance Notification Service for the May 2013 Security Bulletin Release

Thursday, May 09, 2013

Today we’re providing Advance Notification of 10 bulletins for release on Tuesday, May 14, 2013. This release brings two Critical and eight Important-class bulletins, which address 33 unique vulnerabilities. The Critical-rated bulletins address issues in Microsoft Windows and Internet Explorer. Of note, we are working to have the Internet Explorer Security Update address the issue described in Security Advisory 2847140, supplementing the currently available Fix it.

Read More

• ANS
• Internet Explorer (IE)
• Microsoft Office
• Microsoft Windows
• Security Bulletins

EMET 4.0's Certificate Trust Feature

Wednesday, May 08, 2013

Three weeks ago, we released a beta version of EMET 4.0 to get feedback on the new EMET features and to get more real-world testing before the official release. We have been amazed and so grateful for the thousands of downloads and hundreds of emails with feature suggestions, bug reports, questions about the new features, and kind words cheering us on.

Read More

• EMET
• Man-in-the-Middle
• PKI

Fix it for Security Advisory 2847140 is available

Wednesday, May 08, 2013

We have updated Security Advisory 2847140 to include an easy, one-click Fix it to address the known attack vectors. The Fix it is available to all customers and helps prevent known attacks that leverage the vulnerability to execute code and should not affect your ability to browse the Web. Additionally, applying the Fix it does not require a reboot.

Read More

• Advisory
• Internet Explorer (IE)
• Security
• Security Advisory

Microsoft "Fix it" available to mitigate Internet Explorer 8 vulnerability

Wednesday, May 08, 2013

Today, we are making available a “Microsoft Fix it” solution to block attacks leveraging the Internet Explorer 8 (IE8) vulnerability described in Security Advisory 2847140. This code-signed, easily downloadable and install-able Fix it package uses the Windows application compatibility toolkit to make a small change at runtime to mshtml.dll every time IE is loaded.

Read More

• EMET
• Internet Explorer (IE)
• Workarounds
• Zero-Day Exploit

カウントダウン開始: Windows XP のサポートは 2014 年 4 月 8 日に終了

Tuesday, May 07, 2013

本記事は、 Microsoft Security のブログ “ *The Countdown Begins: Support for Windows XP Ends on April 8, 2014 ” * (2013 ** *年 **4 ** *月 **8 ** *日公開 **) ** *を翻訳した記事

Read More

• SDL
• Windows XP
• ライフサイクル

Microsoft Releases Security Advisory 2847140

Friday, May 03, 2013

Today, we released Security Advisory 2847140 regarding an issue that impacts Internet Explorer 8. Internet Explorer 6, 7, 9 and 10 are not affected by the vulnerability. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message.

Read More

• Advisory
• Internet Explorer (IE)
• Security
• Security Advisory

サイバーセキュリティ ポリシーとパフォーマンスのリンク: セキュリティ インテリジェンス レポート スペシャル エディションをリリース

Wednesday, May 01, 2013

本記事は、 Microsoft Trustworthy Computing のブログ “ *Linking Cybersecurity Policy and Performance: Microsoft Releases Special Edition Security Intelligence Report ” * (2013 年 * 2 月 * 6 日公開 *) を翻訳した記事です。 Trustworthy Computing

Read More

• サイバーセキュリティ
• ポリシー
• レポート