attack

A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it. Source: Link Removed

Severity Rating: Important Revision Note: V1.0 (March 12, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft OneNote. The vulnerability could allow information disclosure if an attacker convinces a user to open...

Original release date: March 05, 2013 Systems Affected Any system using Oracle Java 7, 6, 5 (1.7, 1.6, 1.5) including Java Platform Standard Edition 7 (Java SE 7) Java Platform Standard Edition 6 (Java SE 6) Java Platform Standard Edition 6 (Java SE 5) Java SE Development Kit (JDK...

Original release date: January 10, 2013 | Last revised: February 06, 2013 Systems Affected Any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7) Java SE Development Kit (JDK 7) Java SE Runtime Environment (JRE 7) OpenJDK 7 and 7u IcedTea...

Severity Rating: Critical Revision Note: V1.0 (February 12, 2013) Bulletin published. Summary: This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted...

Revision Note: V1.1 (December 31, 2012): Added link to Microsoft Fix it solution, "MSHTML Shim Workaround," that prevents exploitation of this issue. Summary: Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer...

Severity Rating: Important Revision Note: V1.0 (January 8, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in the Open Data (OData) protocol. The vulnerability could allow denial of service if an unauthenticated attacker...

Severity Rating: Important Revision Note: V1.0 (January 8, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in the implementation of SSL and TLS in Microsoft Windows. The vulnerability could allow security feature bypass...

Severity Rating: Critical Revision Note: V1.0 (September 21, 2012): Bulletin published. Summary: This security update resolves one publicly disclosed and four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code...

Revision Note: V1.0 (September 17, 2012): Advisory published. Summary: Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9. Internet Explorer 10 is not affected. Microsoft is aware of...

Revision Note: V1.2 (September 11, 2012): Clarified that applications and services that use RSA keys for cryptography and call into the CertGetCertificateChain function could be impacted by this update. Examples of these applications and services include but are not limited to encrypted email...

Severity Rating: Critical Revision Note: V1.0 (August 14, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Windows common controls. The vulnerability could allow remote code execution if a user visits a website...

Severity Rating: Important Revision Note: V1.0 (July 10, 2012): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a file or directory with...

Severity Rating: Important Revision Note: V1.0 (July 10, 2012): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in TLS. The vulnerability could allow information disclosure if an attacker intercepts encrypted web traffic served...

Severity Rating: Important Revision Note: V1.0 (June 12, 2012): Bulletin published. Summary: This security update resolves one privately reported vulnerability and one publicly disclosed vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of...

Syndicated from the United States Security Readiness Team (US-CERT). Link Removed - Invalid URL

Today, as a part of our continuing phased mitigation strategy recently discussed, we have initiated the additional hardening of Windows Update. We’ve also provided more information about the MD5 hash-collision attacks used by the Flame malware in the SRD blog. This information should help...

Hello, At Microsoft, our commitment is to help ensure customer trust in their computing experience. That was the impetus for Trustworthy Computing, and central to that is the priority we place on taking the necessary actions to help protect our customers. Yesterday, we issued Security Advisory...

Severity Rating: Critical Revision Note: V1.2 (May 22, 2012): Added an entry to the Frequently Asked Questions (FAQ) Related to This Security Update section to explain this revision. Summary: This security update resolves three publicly disclosed vulnerabilities and seven...

Resolves a vulnerability in Windows Movie Maker and Microsoft Office Producer for Microsoft Office PowerPoint 2003 that could allow remote code execution if an attacker sent a specially crafted Movie Maker or Producer file. More...