Tuesday, August 10, 2010
This month Microsoft released an update for Windows to address three vulnerabilities in the SMB Server component. Two of the vulnerabilities are remote denial-of-service (DoS) attacks, while one (CVE-2010-2550) has the potential for remote code execution (RCE). This blog post provides more details on the exploitability of CVE-2010-2550, and outlines why the risk of reliable RCE is low.
Wednesday, July 28, 2010
** UPDATE: Version 2.0 of EMET is now available. Click here to read more about it. * What is EMET? In October 2009, we released a tool on this blog called EMET that provides users with the ability to deploy security mitigation technologies to arbitrary applications. Doing so helps to prevent vulnerabilities in those applications (especially line of business and 3rd party apps) from successfully being exploited.
Tuesday, July 13, 2010
Today we released MS10-042 to address CVE-2010-1885, a Critical severity security issue in the Help and Support Center. Windows XP is affected and we have seen limited attacks, so we encourage everyone to depoy the update right away. Windows Server 2003 also contains the vulnerable code; however, we have not identified a way for an attacker to exploit it.
Tuesday, July 13, 2010
Today we released the fix for CVE-2010-0266, an Important severity vulnerability in Microsoft Office Outlook. Yorick Koster working with the SSD/SecuriTeam Secure Disclosure program reported this issue. What’s the risk? This vulnerability enables an attacker to spoof a dangerous e-mail attachment to appear legitimate / benign. If a victim user were to open the attachment, code from a remote UNC path could execute without prior warning.
Thursday, June 10, 2010
Yesterday evening, one of Google’s security researchers publicly released vulnerability details and a working exploit for an unpatched vulnerability in Windows XP and Windows Server 2003. This afternoon, we’ve released security advisory 2219475 with official guidance. We’d like to use this blog entry to share more details about the issue and ways you can protect yourself.
Tuesday, June 08, 2010
Today we released ten security bulletins. Three have a maximum severity rating of Critical and seven have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Index Rating Likely first 30 days impact Platform mitigations and key notes MS10-035(IE) Victim browses to a malicious webpage.
Tuesday, June 08, 2010
Today we released a security update rated Important for CVE-2010-1255 in MS10-032. This vulnerability affects the win32k.sys driver. This blog post provides more information about this vulnerability that can help with prioritizing the deployment of updates this month. What’s the risk? A local attacker could write a custom user-mode attack application that passes a bad buffer to win32k.
Tuesday, June 08, 2010
Today we released MS10-035, a security update with an Important severity update, addressing CVE-2010-0255. We’d like to talk briefly about that specific vulnerability and how we’ve addressed it. Background information This issue primarily impacts Internet Explorer running on Windows XP. Attacks against Internet Explorer running on Windows Vista and newer platforms are mitigated by Internet Explorer Protected Mode.
Tuesday, June 08, 2010
Today we released MS10-041 addressing an issue in the implementation of the XML signature functionality in the .NET Framework with an Important severity rating. We’d like to shed more light on that case here. Am I at risk? No Microsoft products are subject to this vulnerability. However, .NET applications that use the System.
Tuesday, May 11, 2010
Today we released the fix for CVE-2010-0816 in MS10-030. This vulnerability affects Outlook Express, Windows Mail, and Windows Live Mail. We recommend that you install the update as soon as possible, but realize that some customers may need to prioritize which updates they install first. While the vulnerability is rated critical, many customers may not be affected by it.
