Revision Note: V1.0 (May 10, 2016): Advisory published.
Summary: FalseStart allows the TLS client to send application data before receiving and verifying the server Finished message. This allows an attacker to launch a man-in-the-middle (MiTM) attack to force the TLS client to encrypt the first...
Revision Note: V1.0 (May 10, 2016): Advisory published.
Summary: FalseStart allows the TLS client to send application data before receiving and verifying the server Finished message. This allows an attacker to launch a man-in-the-middle (MiTM) attack to force the TLS client to encrypt the first...
advisory
application data
cipher suites
client
downgrade attacks
encryption
falsestart
microsoft
mitm
network security
protocol
records
revision note
security
server
technet
tls
update
version 1.0
Revision Note: V1.1 (February 10, 2016): Advisory updated to include download information for Microsoft ASP.NET Web Frameworks, and Tools and Microsoft ASP.NET and Web Tools. This is an informational change only.
Summary: Microsoft is releasing this security advisory to provide information about...
2016
advisory
asp.net
components
development
february
guidance
information
microsoft
mvc5
mvc6
public versions
revision
security
tampering
tools
update
visual studio
vulnerabilities
web frameworks
Revision Note: V1.0 (January 12, 2016): Advisory published.
Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy no longer allows root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of...
Revision Note: V1.0 (January 12, 2016): Advisory published.
Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory. These ActiveX kill bits are included in the Internet Explorer cumulative update released on January 12, 2016.
Continue reading...
Revision Note: V1.0 (January 12, 2016): Advisory published.
Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory. These ActiveX kill bits are included in the Internet Explorer cumulative update released on January 12, 2016.
Continue reading...
Revision Note: V1.0 (January 12, 2016): Advisory published.
Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy no longer allows root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of...
Revision Note: V1.0 (December 8, 2015): Advisory published.
Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used...
advisory
certificate
cybersecurity
digital certificate
man-in-the-middle
microsoft
private keys
security
security advisory
spoofing
ssl
supported releases
technet
tls
update
v1.0
vulnerability
windows
xbox live
Revision Note: V1.0 (December 8, 2015): Advisory published.
Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used...
2015
advisory
certificate
cybersecurity
digital certificate
man-in-the-middle
microsoft
private keys
revision note
security
spoofing
ssl
support
technet
tls
update
v1.0
vulnerability
windows
xbox live
Revision Note: V1.0 (November 30, 2015): Advisory published.
Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used to issue other certificates, impersonate...
Revision Note: V1.0 (November 30, 2015): Advisory published.
Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used to issue other certificates, impersonate...
Revision Note: V1.0 (November 10, 2015): Advisory published.
Summary: Microsoft is announcing the availability of a security update for Windows Hyper-V to protect against a denial of service condition that can be triggered with certain central processing unit (CPU) chipsets. Although the...
2015
advisory
chipset
cpu
denial of service
exploitation
hyper-v
kernel mode
microsoft
operating systems
patch
security
system update
technology
update
version 1.0
virtualization
weakness
windows
Severity Rating: Important
Revision Note: V1.0 (July 14, 2015): Advisory published
Summary: Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malicious Software Removal Tool (MSRT) is available that addresses a security vulnerability that was...
Today, as part of Update Tuesday, we released 8 security bulletins.
We encourage customers to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploitability Index (XI), visit the Microsoft Bulletin Summary webpage. If you...
advisory
bulletins
cybersecurity
exploitability index
insecurity
it security
june 2015
malware
microsoft
monthly update
msrc
patch
security
software update
system patch
technet
threat
updates
vulnerability
windows update
Revision Note: V1.0 (May 12, 2015): Advisory published.
Summary: Microsoft is announcing the availability of an update to cryptographic cipher suite prioritization in Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. The update adds...
advisory
cipher
cipher suites
cryptography
default
encryption
improvements
microsoft
os update
priority
security
server 2008
server 2012
server 2012 r2
system update
update
version 1.0
windows 7
windows 8
windows 8.1
Today, as part of Update Tuesday, we released 13 security bulletins.
We encourage customers to apply all of these updates. For more information about this month’s security updates, including a detailed view of the Exploitability Index (XI), visit the Microsoft Bulletin Summary webpage. If you...
advisory
bulletins
customer advisory
cybersecurity
exploitability index
follow
information
may updates
microsoft
msrc
networking
patch
security
technet
threats
twitter
update tuesday
updates
vulnerabilities
windows
Revision Note: V1.0 (May 12, 2015): Advisory published.
Summary: Microsoft is announcing the availability of an update to cryptographic cipher suite prioritization in Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. The update adds...
advisory
cipher
cryptography
default
encryption
improvements
operating systems
prioritization
security
suite
update
windows 7
windows 8
windows 8.1
windows server