-
Unauthorized Digital Certificates Could Allow Spoofing - Version: 1.1
Severity Rating: Revision Note: V1.1 (June 13, 2012): Advisory revised to notify customers that Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices are not affected by the issue. Summary: Microsoft is aware of active attacks using three unauthorized digital certificates derived...- News
- Thread
- access denied active attacks browser security certificate cybersecurity digital certificates extended security updates internet explorer man-in-the-middle microsoft phishing revision note security security advisory spoofing vulnerability web security windows phone
- Replies: 0
- Forum: Security Alerts
-
Security Advisory 2416728 - Workaround Update
Hi everyone - We've updated Microsoft Security AdvisoryLink Removed due to 404 Error to include a step in the workaround requiring the blocking of requests that specify the application error path on the querystring. This can be done using URLScan, a free tool for Internet Information Services...- News
- Thread
- active attacks advisory block requests email alerts iis microsoft monitoring msrc blog network security request filtering scott guthrie security server 2008 trustworthy computing update urlscan vulnerability windows 7 windows vista workaround
- Replies: 0
- Forum: Security Alerts
-
Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -
Revision Note: V1.2 (September 24, 2010): Added an entry to the FAQ to announce a revision to the workaround, "Enable a UrlScan or Request Filtering rule, enable ASP.NET custom errors, and map all error codes to the same error page." Customers who have already applied the workaround should...- News
- Thread
- active attacks advisory asp.net customerrors encryption errorpage faq information information disclosure microsoft request filtering security security breach server issues tampering urlscan viewstate vulnerability web.config workaround
- Replies: 0
- Forum: Security Alerts
-
Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -
Revision Note: V1.1 (September 20, 2010): Revised Executive Summary to communicate that Microsoft is aware of limited, active attacks. Also added additional entries to the Frequently Asked Questions section and additional clarification to the workaround. Advisory Summary:Microsoft is...- News
- Thread
- active attacks advisory asp.net encryption error codes information disclosure microsoft security vulnerability web.config
- Replies: 1
- Forum: Security Alerts