Tuesday, June 14, 2011
Today we released 16 security bulletins. Nine have a maximum severity rating of Critical and seven have a maximum severity rating of Important. This release addresses several publicly disclosed vulnerabilities. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability rating Likely first 30 days impact Platform mitigations and key notes MS11-050(IE) Victim browses to a malicious webpage.
Tuesday, April 12, 2011
This month we released updates for the SMB client and server components (MS11-019 and MS11-020 respectively). These bulletins address three externally-reported issues, but also include fixes for several issues that Microsoft identified internally. This blog post provides background on these issues and the work done internally at Microsoft to improve SMB security.
Wednesday, February 16, 2011
Earlier this week a PoC exploit for a vulnerability in the BROWSER protocol was released on Full Disclosure. There has been some discussion regarding whether this issue can result in Remote Code Execution (RCE) or is only a Denial of Service (DoS). This blog post provides details on the exploitability based on our internal analysis.
Tuesday, August 10, 2010
This month Microsoft released an update for Windows to address three vulnerabilities in the SMB Server component. Two of the vulnerabilities are remote denial-of-service (DoS) attacks, while one (CVE-2010-2550) has the potential for remote code execution (RCE). This blog post provides more details on the exploitability of CVE-2010-2550, and outlines why the risk of reliable RCE is low.
Monday, April 12, 2010
Today Microsoft released MS10-020, which addresses several vulnerabilities in the Windows SMB client. This blog post provides additional details to help prioritize installation of the update, and understand the attack vectors and mitigations that apply. Client-side vulnerabilities The first thing to realize is that this update addresses vulnerabilities in the SMB ** client ** in Windows.
Tuesday, February 09, 2010
Today we released two bulletins to address vulnerabilities in SMB. MS10-006 addresses two vulnerabilities in the SMBv1 client implementation, and MS10-012addresses four vulnerabilities in the SMB server implementation. In this blog entry, we want to help you understand the vulnerabilities and better prioritize the updates. What are the SMB server vulnerabilities and how could they be exploited?
Monday, October 12, 2009
This month we are releasing update MS09-050 to address the SMBv2 RCE vulnerability (CVE-2009-3103). Due to the fact that public exploit code exists for this vulnerability, we felt it would be good to summarize the exploit landscape at the time of release, so customers can use this information to prioritize the deployment of the update.
Friday, September 18, 2009
We’d like to give everyone an update on the situation surrounding the new Microsoft Server Message Block Version 2 (SMBv2) vulnerability affecting Windows Vista and Windows Server 2008. Easy way to disable SMBv2 First exploit for code execution released to small number of companies Mitigations that help prevent attacks Status of fixes Easy way to disable SMBv2