MSRC

swiat

Sharepoint XSS issue

Thursday, April 29, 2010

Today we released Security Advisory 983438 informing customers of a cross-site scripting (XSS) vulnerability in SharePoint Server 2007 and SharePoint Services 3.0. Here we would like to give further technical information about this vulnerability. What is the attack vector? The advisory states that the vulnerability could allow Elevation of Privilege (EoP) within the SharePoint site itself.

Assessing the risk of the April Security Bulletins

Monday, April 12, 2010

Today we released eleven security bulletins with security updates addressing 25 CVEs. Five of the bulletins have at least one CVE rated Critical. We hope that the table below helps you prioritize this month’s deployment.

Bulletin | Most likely attack vector | Max Bulletin Severity | Max Exploitability Index | Likely first 30 days impact | Platform mitigations and key notes
MS10-027 (WMP) | Victim browses to a malicious webpage.

MS10-020: SMB Client Update

Monday, April 12, 2010

Today Microsoft released MS10-020, which addresses several vulnerabilities in the Windows SMB client. This blog post provides additional details to help prioritize installation of the update, and understand the attack vectors and mitigations that apply. Client-side vulnerabilities: The first thing to realize is that this update addresses vulnerabilities in the SMB **client** in Windows.

Registry vulnerabilities addressed by MS10-021

Monday, April 12, 2010

MS10-021 addresses eight different Windows vulnerabilities. Five of them, CVE-2010-0234 through CVE-2010-0238, stem from an obscure bit of Windows registry functionality called “registry links”. A quick search in MSDN reveals this description: “REG_LINK: Specifies a Unicode symbolic link. Used internally. Applications do not use this type”. Clear as mud, right? Registry links are similar to symbolic links in NTFS (http://msdn.

Using code coverage to improve fuzzing results

Wednesday, February 24, 2010

Hi all, I’m Lars Opstad, an engineering manager in the MSEC Science group supporting the SDL within Microsoft. I wanted to share with you some of the ways that we are improving our internal security practices, specifically in the area of file fuzzing. Many fuzzers take a good file (template) as a starting point for creating malformed content.

Assessing the risk of the February Security Bulletins

Tuesday, February 09, 2010

This morning, we released 13 security bulletins. Five have a maximum severity rating of Critical, seven Important, and one Moderate. One security bulletin (MS10-015, ntvdm.dll) has exploit code already published, but we are not aware of any active attacks or customer impact. We hope that the table and commentary below help you prioritize the deployment of the updates appropriately.

Details on the New TLS Advisory

Tuesday, February 09, 2010

Security Advisory 977377: Vulnerability in TLS Could Allow Spoofing

In August of 2009, researchers at PhoneFactor discovered a vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. As the issue is present in the actual TLS/SSL standard, not only our implementation, Microsoft is working together with ICASI, the Industry Consortium for Advancement of Security on the Internet, to address this vulnerability.

MS10-006 and MS10-012: SMB security bulletins

Tuesday, February 09, 2010

Today we released two bulletins to address vulnerabilities in SMB. MS10-006 addresses two vulnerabilities in the SMBv1 client implementation, and MS10-012 addresses four vulnerabilities in the SMB server implementation. In this blog entry, we want to help you understand the vulnerabilities and better prioritize the updates. What are the SMB server vulnerabilities and how could they be exploited?