Revision Note: V1.0 (August 20, 2012): Advisory published.
Summary: Microsoft is aware that detailed exploit code has been published for known weaknesses in the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2). The MS-CHAP v2 protocol is widely used as an...
Today we’re publishing the Link Removed. During the webcast, we fielded 17 questions focusing on Security Update MS13-088, and SecurityAdvisory 2794220 which was deprecated by this update release. All questions and answers are included in the transcript.
We invite our customers to join...
Today, we released MS13-008 to address the issue described in Security Advisory 2794220. We’ve seen only a limited number of attacks through an issue in Internet Explorer 6-8, but the potential exists that more customers could be affected. The majority of customers have automatic updates...
Today, we are providing Advance Notification to customers that at approximately 10 a.m. PST on Monday, January 14, 2013, we will release an out-of-band security update to fully address the issue described in Security Advisory 2794220. While we have still seen only a limited number of customers...
advisory
automatic updates
bug fixes
critical
customer advisory
cve-2012-4792
dustin childs
internet explorer
live webcast
msrc
notification
pst time
security
support
tech news
trustworthy computing
update
vulnerability
web registration
windows update
Revision Note: V1.1 (December 31, 2012): Added link to Microsoft Fix it solution, "MSHTML Shim Workaround," that prevents exploitation of this issue.
Summary: Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer...
Hello,
Today we released Security Advisory 2798897 to notify customers that we are aware of active attacks using a fraudulent digital certificate issued by TURKTRUST Inc. To help protect customers, we have updated the Certificate Trust List (CTL) to remove the trust of the certificates causing...
advisory
attacks
certificate
communications
customers
digital
fraudulent
management
protection
security
software
trustlist
trustworthy
turktrust
update
windows server
windows vista
windows xp
Revision Note: V1.0 (January 3, 2013): Advisory published.
Summary: Microsoft is aware of active attacks using one fraudulent digital certificate issued by TURKTRUST Inc., which is a CA present in the Trusted Root Certification Authorities Store. This fraudulent certificate could be...
We have updated Security Advisory 2749920 to include the Fix it we discussed in Saturday’s blog post. This easy, one-click Fix it is Link Removed to everyone and prevents the vulnerability from being used for code execution without affecting your ability to browse the Web. Additionally...
Today, we released Security Advisory 2794220 regarding an issue that impacts Internet Explorer 6, 7, and 8. We are only aware of a very small number of targeted attacks at this time. This issue allows remote code execution if users browse to a malicious website with an affected browser. This...
Revision Note: V1.0 (December 29, 2012): Advisory published.
Summary: Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8. Internet Explorer 9 and Internet Explorer 10 are not affected by the vulnerability...
Revision Note: V2.0 (December 29, 2011): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-100 to address this issue. For more information about this issue...
Revision Note: V2.0 (December 13, 2011): Advisory updated to reflect publication of security bulletins.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-087 to address this issue. For more information about this issue...
Revision Note: V1.0 (July 10, 2012): Advisory published.
Summary: Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables the Windows Sidebar and Gadgets on supported editions of Windows Vista and Windows 7. Disabling the Windows Sidebar and...
advisory
computer security
execution
fix
gadgets
internet safety
malware
microsoft
protection
remote code
security
sidebar
update
vulnerabilities
windows 7
windows vista
Security Updates
Today we released six security bulletins to help protect our customers - four Critical, one Important, and one Moderate – addressing 19 vulnerabilities in Microsoft Windows Shell, Windows Kernel, Internet Explorer, Internet Information Services (IIS), .NET Framework, and...
advisory
best practices
bulletin
compatibility
configuration manager
deployment
impact
internet explorer
microsoft
privileged access
risk
security
system center
truetype font
updates
visual basic
vulnerabilities
webcast
windows
windows kernel
Today, in conjunction with Adobe’s update process, we have revised Security Advisory 2755801 to address issues in Adobe Flash Player in Internet Explorer 10. Customers who have automatic updates enabled will not need to take any action because protections will be downloaded and installed...