attacker

Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in the Windows OpenType Compact Font Format (CFF) driver. The vulnerability could allow remote code execution if a user views content rendered in a specially crafted CFF font. In all cases, an...

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in the JScript and VBScript scripting engines. The vulnerability could allow information disclosure if a user visited a specially crafted Web site. An attacker would have no way to force users...

Severity Rating: Important - Revision Note: V1.0 (December 14, 2010): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in Windows Movie Maker. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate...

Severity Rating: Critical - Revision Note: V1.0 (November 9, 2010): Bulletin published.Summary: This security update resolves one publicly disclosed vulnerability and four privately reported vulnerabilities in Microsoft Office. The most severe vulnerability could allow remote code execution if a...

Severity Rating: Critical - Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in the Microsoft Windows Media Player Network Sharing Service. The vulnerability could allow remote code execution if an attacker sent...

Bulletin Severity Rating:Moderate - This security update resolves a publicly disclosed vulnerability in the Microsoft Foundation Class (MFC) Library. The vulnerability could allow remote code execution if a user is logged on with administrative user rights and opens an application built with the...

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site. An attacker who...

Revision Note: V1.0 (September 14, 2010): Advisory published.Summary: Microsoft has completed the investigation of a publicly disclosed vulnerability in Outlook Web Access (OWA) that may affect Microsoft Exchange customers. An attacker who successfully exploited this vulnerability could hijack...

Revision Note: V1.0 (September 14, 2010): Advisory published.Summary: Microsoft has completed the investigation of a publicly disclosed vulnerability in Outlook Web Access (OWA) that may affect Microsoft Exchange customers. An attacker who successfully exploited this vulnerability could hijack...

Revision Note: V1.0 (September 14, 2010): Advisory published. Advisory Summary:Microsoft has completed the investigation of a publicly disclosed vulnerability in Outlook Web Access (OWA) that may affect Microsoft Exchange customers. An attacker who successfully exploited this vulnerability could...

Revision Note: V1.0 (September 14, 2010): Advisory published.Summary: Microsoft has completed the investigation of a publicly disclosed vulnerability in Outlook Web Access (OWA) that may affect Microsoft Exchange customers. An attacker who successfully exploited this vulnerability could hijack...

Bulletin Severity Rating:Important - This security update resolves two privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Information Services (IIS). The most severe of these vulnerabilities could allow remote code execution if a client sends a specially...

Severity Rating: Important - Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves one publicly disclosed and four privately reported vulnerabilities in the Windows kernel-mode drivers. The most severe of these vulnerabilities could allow elevation of...

Severity Rating: Important - Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in the Tracing Feature for Services. The vulnerabilities could allow elevation of privilege...

A remote code execution vulnerability exists in the Vector Markup Language (VML) implementation in Microsoft Windows. An attacker could exploit the vulnerability by constructing a specially crafted Web page or HTML e-mail that could potentially allow remote code execution if a user visited the...