-
4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
Revision Note: V1.0 (December 12, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to provide information regarding security settings for the AD DS (Active Directory Domain Services) account used by Azure AD Connect for directory synchronization. This advisory...- News
- Thread
- account management active directory administration advisory azure ad guidance microsoft on-premises security sync
- Replies: 0
- Forum: Security Alerts
-
4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
Revision Note: V1.0 (June 27, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to inform customers that a new version of Azure Active Directory (AD) Connect is available that addresses an Important security vulnerability. Continue reading...- News
- Thread
- active directory advisory azure ad connection elevation microsoft revision security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
3123479 - SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0
Revision Note: V2.0 (March 14, 2017): Advisory rereleased to announce that the changes described in this advisory have been reverted as of November 2016. This is an informational change only. Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. Continue...- News
- Thread
- advisory algorithms hashing informational microsoft policy change programs root certificate security sha1
- Replies: 0
- Forum: Security Alerts
-
4022344 - Security Update for Microsoft Malware Protection Engine - Version: 1.2
Severity Rating: Critical Revision Note: V1.2 (May 12, 2017): Added entries into the affected software table. This is an informational change only. Summary: Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a...- News
- Thread
- advisory critical engine malware microsoft protection security software update vulnerability
- Replies: 0
- Forum: Security Alerts
-
4010983 - Vulnerability in ASP.NET Core MVC 1.1.0 Could Allow Denial of Service - Version: 1.0
Revision Note: V1.0 (January 27, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.1.0. This advisory also provides guidance on what developers can do to update their...- News
- Thread
- advisory asp.net denial of service developers guidance microsoft mvc security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
3214296 - Vulnerabilities in Identity Model Extensions Token Signing Verification Could Allow Elevation of Privilege - Version: 1.0
Revision Note: V1.0 (January 10, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public version of Identity Model Extensions 5.1.0. This advisory also provides guidance on what developers can do to help ensure...- News
- Thread
- advisory development guidance identity model microsoft privilege escalation security token signing update vulnerability
- Replies: 0
- Forum: Security Alerts
-
3181759 - Vulnerabilities in ASP.NET Core View Components Could Allow Elevation of Privilege - Version: 1.0
Revision Note: V1.0 (September 13, 2016): Advisory published. Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.0.0. This advisory also provides guidance on what developers can do to help ensure that...- News
- Thread
- advisory application asp.net cores developers mvc privilege security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
3174644 - Updated Support for Diffie-Hellman Key Exchange - Version: 1.0
Revision Note: V1.0 (September 13, 2016): Advisory published. Summary: Continue reading...- News
- Thread
- advisory diffie-hellman extended security updates key exchange microsoft revision note technology version 1.0
- Replies: 0
- Forum: Security Alerts
-
3137909 - Vulnerabilities in ASP.NET Templates Could Allow Tampering - Version: 1.1
Revision Note: V1.1 (February 10, 2016): Advisory updated to include download information for Microsoft ASP.NET Web Frameworks, and Tools and Microsoft ASP.NET and Web Tools. This is an informational change only. Summary: Microsoft is releasing this security advisory to provide information about...- News
- Thread
- advisory asp.net development microsoft mvc security tampering visual studio vulnerability web frameworks
- Replies: 0
- Forum: Security Alerts
-
3118753 - Updates for ActiveX Kill Bits 3118753 - Version: 1.0
Revision Note: V1.0 (January 12, 2016): Advisory published. Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory. These ActiveX kill bits are included in the Internet Explorer cumulative update released on January 12, 2016. Continue reading...- News
- Thread
- 2016 activex advisory cumulative internet explorer kill bits microsoft revision security update
- Replies: 0
- Forum: Security Alerts
-
3042058 - Update to Default Cipher Suite Priority Order - Version: 1.1
Revision Note: V1.1 (October 13, 2015): Advisory revised to announce that the Default Cipher Suite Prioritization update (3042058), originally released May 12, 2015 via the Microsoft Download Center (DLC) only, is now also available via Microsoft Update (MU) and Windows Server Update Services...- News
- Thread
- advisory cipher cryptography download center encryption microsoft priority revision note security server 2008 server 2012 update version 1.0 windows 7 windows 8 windows 8.1 windows server windows server 2012 r2 windows update wsus
- Replies: 0
- Forum: Security Alerts
-
April 2019 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Link Removed. Tags Security Advisory Security...- News
- Thread
- advisory april automatic malicious software patch protection release security update windows
- Replies: 0
- Forum: Security Alerts
-
TA18-004A: Meltdown and Spectre Side-Channel Vulnerability Guidance
Original release date: January 04, 2018 Systems Affected CPU hardware implementations Overview On January 3, 2018, the National Cybersecurity and Communications Integration Center (NCCIC) became aware of a set of security vulnerabilities—known as Meltdown and Spectre— that affect modern...- News
- Thread
- advisory amazon architecture attack cloud solutions cpu cybersecurity guidance information kernel linux meltdown mitigation nccic patch performance security spectre vulnerability
- Replies: 0
- Forum: Security Alerts
-
4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
Revision Note: V1.0 (December 12, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to provide information regarding security settings for the AD DS (Active Directory Domain Services) account used by Azure AD Connect for directory synchronization. This advisory...- News
- Thread
- 2017 account management account security active directory advisory azure ad directory services file synchronization guidance it administration microsoft on-premises revision note security security advisory settings sync technet version 1.0
- Replies: 0
- Forum: Security Alerts
-
4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange...
Revision Note: V1.0 (November 8, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to provide information regarding security settings for Microsoft Office applications. This advisory provides guidance on what users can do to ensure that these applications are...- News
- Thread
- 2017 advisory application dde documents dynamic data exchange field guidance information microsoft office process revision note safety security settings support update user tips v1.0
- Replies: 0
- Forum: Security Alerts
-
4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
Revision Note: V1.0 (June 27, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to inform customers that a new version of Azure Active Directory (AD) Connect is available that addresses an Important security vulnerability. Continue reading...- News
- Thread
- active directory advisory azure ad elevation of privilege microsoft security technet update version 1.0 vulnerability
- Replies: 0
- Forum: Security Alerts
-
4025685 - Guidance related to June 2017 security update release - Version: 1.0
Revision Note: V1.0 (June 13, 2017): Advisory published Summary: Microsoft is announcing the availability of additional guidance for critical security updates, that are at heightened risk of exploitation due to past and threatened nation-state attacks and disclosures. Some of the releases are...- News
- Thread
- advisory critical exploitation guidance information disclosure june microsoft nation older platforms patch management public availability risk security update version 1.0 vulnerability
- Replies: 0
- Forum: Security Alerts
-
4021279 - Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege -...
Revision Note: V1.0 (May 9, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to provide information about vulnerabilities in the public .NET Core and ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications...- News
- Thread
- .net 2017 advisory application asp.net cores developers guidance improve info microsoft patch privilege release revision security technet threats update vulnerability
- Replies: 0
- Forum: Security Alerts
-
4010323 - Deprecation of SHA-1 for SSL/TLS Certificates in Microsoft Edge and Internet...
Revision Note: V1.0 (May 9, 2017): Advisory published. Summary: Beginning May 9, 2017, Microsoft released updates to Microsoft Edge and Internet Explorer 11 to block sites that are protected with a SHA-1 certificate from loading and displays an invalid certificate warning. This change will only...- News
- Thread
- advisory certificate management certificate warning deprecation enterprise certificates extended security updates internet explorer microsoft edge migration revision note self-signed certificates sha-2 sha1 ssl certificates tech news tls certificates trusted root update web security windows
- Replies: 0
- Forum: Security Alerts
-
4021279 - Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege -...
Revision Note: V1.0 (May 9, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to provide information about vulnerabilities in the public .NET Core and ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications...- News
- Thread
- 2017 advisory application asp.net asp.net core development guidance management microsoft patch privilege programming release revision security software update vulnerability web development
- Replies: 0
- Forum: Security Alerts