Wednesday, July 27, 2011
Protecting the general computing ecosystem is a really tough job, and given some of the media headlines, it’s easy to get discouraged and wallow in the problems. It seems like we’re constantly bombarded with statistics measuring the number of bugs, vulnerabilities, or attacks in an attempt to build an accurate “state of the state.
Tuesday, July 12, 2011
The single Critical vulnerability in today’s batch of security updates addresses an issue in the Bluetooth stack. Your workstations’ risk to this vulnerability varies, depending on a number of factors. I’d like to use this blog post to outline those risk factors. How can I protect my system? The best way to protect any potentially vulnerable system is to apply the MS11-053 security update.
Tuesday, June 14, 2011
Today we released 16 security bulletins. Nine have a maximum severity rating of Critical and seven have a maximum severity rating of Important. This release addresses several publicly disclosed vulnerabilities. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability rating Likely first 30 days impact Platform mitigations and key notes MS11-050(IE) Victim browses to a malicious webpage.
Thursday, May 12, 2011
Hello, Today we published the May Security Bulletin Webcast Questions & Answers page. We fielded twelve questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There were two questions during the webcast that we were unable to answer and we have included those questions and answers on the QA page.
Thursday, May 05, 2011
Hello everyone, Today we are announcing changes to Microsoft’s Exploitability Index. Since October 2008, we have used the Exploitability Index to provide customers with valuable exploitability analysis for our security bulletins, and starting Tuesday this information will become even more comprehensive for those who use Microsoft’s latest platforms. The Exploitability Index assesses the likelihood of functional exploit code being developed for a particular vulnerability.
Thursday, May 05, 2011
Exploitability Index Improvements Now Offer Additional Guidance In October of 2008, Microsoft published its first Exploitability Index: a rating system that helps customers identify the likelihood that a specific vulnerability would be exploited within the first 30 days after bulletin release. As of this month, we are making some changes to the rating system to make vulnerability assessment more clear and digestible for customers.
Tuesday, April 12, 2011
Today we released security bulletin MS11-034 to address vulnerabilities in the win32k subsystem. This update addresses externally reported issues as well as several internally found vulnerabilities that were discovered as part of our variant investigation. The bulletin may appear to address an alarmingly large number of issues. However, if you dig into the issues themselves, you’ll find that the 30 vulnerabilities addressed in this update really just share three separate vulnerability root causes: insufficient validation or locking of win32k objects after a user-mode callback.
Wednesday, February 16, 2011
Earlier this week a PoC exploit for a vulnerability in the BROWSER protocol was released on Full Disclosure. There has been some discussion regarding whether this issue can result in Remote Code Execution (RCE) or is only a Denial of Service (DoS). This blog post provides details on the exploitability based on our internal analysis.
Tuesday, February 08, 2011
Today we released twelve security bulletins. Three have a maximum severity rating of Critical and nine have a maximum severity rating of Important. This release addresses three publicly disclosed vulnerabilities. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first 30 days impact Platform mitigations and key notes MS11-003(IE) Victim browses to a malicious webpage.
Wednesday, December 22, 2010
Today we released Security Advisory 2488013 to notify customers of a new publicly-disclosed vulnerability in Internet Explorer (IE). This vulnerability affects all versions of IE. Exploiting this vulnerability could lead to unauthorized remote code execution inside the iexplore.exe process. Proof-of-concept exploit bypasses ASLR and DEP The Metasploit project recently published an exploit for this vulnerability using a known technique to evade ASLR (Address Space Layout Randomization) and bypass DEP (Data Execution Prevention).
