2009年10月14日のセキュリティ情報
Tuesday, October 13, 2009
小野寺です 事前通知でお伝えした通り、セキュリティ情報 計 13 件 (緊急 8 件, 重要 5 件)を公開しました。 合わ
ATL
2009年9月9日のセキュリティ情報
Tuesday, September 08, 2009
小野寺です 事前通知でお伝えした通り、セキュリティ情報 計 5 件 (緊急 5 件)を公開しました。 また、セキュリ
2009年8月12日のセキュリティ情報
Tuesday, August 11, 2009
小野寺です 事前通知でお伝えした通り、セキュリティ情報 計 9 件 (緊急 5 件, 重要 4 件)を公開しました。 また
MS09-037: Why we are using CVE's already used in MS09-035
Tuesday, August 11, 2009
MS09-035 was released July 28 to address vulnerabilities in the Visual Studio Active Template Library (ATL). A related security update, MS09-034, included a defense-in-depth Internet Explorer mitigation to help protect against attacks in vulnerable components. This morning, we released security bulletin MS09-037 to addresses the ATL vulnerabilities in several Windows components.
MS09-029のスプーラーの件と MS09-034 & MS09-035の更新
Tuesday, August 04, 2009
小野寺です。 先日、定例外でリリースした MS09-034 と MS09-035、それと MS09-029 を更新しました。また、MS09-
2009年7月29日のセキュリティ情報 (定例外)
Tuesday, July 28, 2009
小野寺です 2009 年 7 月 24 日に事前通知でお伝えした通り、定例外で、セキュリティ情報 計 2 件 (緊急 1 件, 警告 1
ATL vulnerability developer deep dive
Tuesday, July 28, 2009
This morning we released MS09-035 to address ATL vulnerabilities in Visual Studio. This blog post will help you answer the following questions: What are the ATL vulnerabilities? Which versions of ATL are vulnerable? How can I tell if my ActiveX control is affected? How can I fix a vulnerable control? What are the ATL vulnerabilities?
Internet Explorer Mitigations for ATL Data Stream Vulnerabilities
Tuesday, July 28, 2009
IE security update MS09-034 implements two defense-in-depth measures intended to mitigate the threat of attacks which attempt to exploit the Microsoft Active Template Library (ATL) vulnerabilities described in Security Advisory 973882 and MS09-034. We would like to explain these mitigations in more detail. ATL persisted data checks The first mitigation is a change to modify how ATL-based controls read persisted data by detecting specific call patterns that are problematic.
MSVIDCTL (MS09-032) and the ATL vulnerability
Tuesday, July 28, 2009
Today we have released Security Advisory 973882 that describes vulnerabilities in the Microsoft Active Template Library (ATL), as well as security updates for Internet Explorer (MS09-034) and Visual Studio (MS09-035). The Visual Studio update addresses several vulnerabilities in the public versions of the ATL headers and libraries. The IE update contains two defense in depth mitigations to help prevent exploitation of the ATL vulnerabilities described in Security Advisory 973882 and MS09-035 (the IE updates contains additional security fixes that are not related to the ATL issue).
Overview of the out-of-band release
Tuesday, July 28, 2009
Today we released Security Advisory 973882 and with it, two out-of-band security bulletins. These updates are MS09-034 (an Internet Explorer update) and MS09-035 (a Visual Studio update). At this time _for customers who have applied _ MS09-032_ we are not aware of any “in the wild” exploits that leverage the vulnerabilities documented in 973882 and MS09-035_.