attacks

* Post-Fukushima inspections found issues at U.S. plants * Plants must certify compliance with rules by June 10 * Additional certifications required in July * Industry says "well on its way" to providing answers * INPO president: "We cannot resort to business as usual" (Adds industry quotes...

Revision Note: V2.0 (April 19, 2011): Added Windows Mobile 6.x, Windows Phone 7, Microsoft Kin, and Zune devices to affected software and devices.Summary: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root...

Last summer at the Black Hat security conference, we announced a philosophical shift in how we refer to vulnerability disclosure, called "Coordinated Vulnerability Disclosure" (CVD). Our intent was to focus on how coordination and collaboration are required to resolve security issues in a way...

Revision Note: V1.1 (March 11, 2011): Revised Executive Summary to reflect investigation of limited, targeted attacks. Advisory Summary:Microsoft has completed the investigation into public reports of this vulnerability. We have issued MS11-026 to address this issue. For more information about...

Just a line to see if anyone has encounterd ,that internet nasty vista 2011 malware remover,that is a trojan,that attaches itself to windows secdurity center, or pretends to be windows security center, and begins to warn through various false scans and notices, of attacks and spyware ,and all...

Revision Note: V1.3 (January 11, 2011): Revised the workaround, Prevent the recursive loading of CSS style sheets in Internet Explorer, to add the impact for the workaround.Summary: Microsoft is investigating new, public reports of limited attacks attempting to exploit a vulnerability in all...

Revision Note: V1.2 (January 11, 2011): Added the workaround, Prevent the recursive loading of CSS style sheets in Internet Explorer, and revised Executive Summary to reflect investigation of limited attacks. Advisory Summary:Microsoft is investigating new, public reports of targeted attacks...

Sure there must be a simply explanation for that cat with all the cash and the dodgy looking guy in fancy dress .:P

BH Landscape Next week, many of us here will be heading down to Las Vegas for Black Hat. The MSRC, and other teams in Microsoft, have been attending Black Hat for years. In fact, we've been sponsoring the show for the last eight years-the last five as a platinum sponsor. Some might ask why...

Overview Today we released MicrosoftLink Removed due to 404 Error. This is different from other Microsoft Security Advisories because it's not talking about specific vulnerabilities in Microsoft products. Rather, this is our official guidance in response to security research that has outlined a...

Hi everyone - We've just updated Link Removed due to 404 Error as we've begun to see limited attacks with the ASP.NET vulnerability. We have added questions and answers and encourage customers to review this information and evaluate it for their environment. We have also added additional...

Revision Note: V1.0 (August 10, 2010): Advisory published.Summary: Microsoft is aware of the potential for attacks that leverage the Windows Service Isolation feature to gain elevation of privilege. This advisory discusses potential attack scenarios and provides suggested actions that can help...

Revision Note: V1.0 (August 10, 2010): Advisory published.Summary: Microsoft is aware of the potential for attacks that leverage the Windows Service Isolation feature to gain elevation of privilege. This advisory discusses potential attack scenarios and provides suggested actions that can help...

Revision Note: V1.0 (July 16, 2010) Advisory published. Advisory Summary:Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are...

Link Removed The cross-site scripting filter that ships with Microsoft’s Internet Explorer 8 browser can be abused by attackers to launch cross-site scripting attacks on websites and web pages that would otherwise be immune to this threat. According to a Link Removed at this year’s Black Hat...

Microsoft announced today of new attacks against IE6 and IE7. An unpatched bug that attackers have been recently exploiting, which injects malicious code the computer. The oldest IE 5.01 and the newest IE 8 respectively, are not vulnerable to such attacks. The best way to defend from these...

Microsoft is going to release a monster security update for its Patch Tuesday release, repairing a total of 26 vulnerabilities in Microsoft Windows and Office with 13 updates, five of which are ranked "critical." According to Microsoft's advanced notification bulletin seven are rated with the...

Address Resolution Protocol (ARP), because of its simpleness, fastness, and effectiveness, is becoming increasingly popular among internet raggers, thus causing severe influence to the internet environment. ARP spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique...