bulletin

Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office and Exchange. We encourage you to apply all of...

Severity Rating: Critical Revision Note: V1.0 (December 9, 2014): Bulletin published. Summary: This security update resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially...

Today, we provide advance notification for the release of seven Security Bulletins. Three of these updates are rated Critical and four are rated as Important in severity. These updates are for Microsoft Windows, Internet Explorer (IE), Office and Exchange. As per our monthly process, we’ve...

Revision Note: V1.0 (December 4, 2014): Advance notification published. Summary: This is an advance notification of security bulletins that Microsoft is intending to release on December 9, 2014 Continue reading...

Today, we released an out-of-band security update to address a vulnerability in Kerberos which could allow Elevation of Privilege. This update is for all supported versions of Windows Server and includes a defense-in-depth update for all supported versions of Windows. We strongly encourage...

Original release date: November 19, 2014 Systems Affected Microsoft Windows Vista, 7, 8, and 8.1 Microsoft Server 2003, Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2 Overview A remote escalation of privilege vulnerability exists in implementations of Kerberos Key Distribution...

On Tuesday, November 18, 2014, at approximately 10 a.m. PST, we will release an out-of-band security update to address a vulnerability in Windows. We strongly encourage customers to apply this update as soon as possible, following the directions in the security bulletin. More information...

Original release date: November 14, 2014 Systems Affected Microsoft Windows Vista, 7, 8, 8.1, RT, and RT 8.1 Microsoft Server 2003, Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2 Microsoft Windows XP and 2000 may also be affected. Overview A critical vulnerability in...

Severity Rating: Moderate Revision Note: V1.0 (November 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker places a specially crafted TrueType font on a...

Severity Rating: Important Revision Note: V1.0 (November 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow elevation of privilege if an attacker sends specially crafted data to an...

Severity Rating: Important Revision Note: V1.0 (November 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Internet Microsoft Information Services (IIS) that could lead to a bypass of the "IP and domain restrictions" security feature...

Today, we provide advance notification for the release of 16 Security Bulletins. Five of these updates are rated Critical, nine are rated as Important, and two are rated Moderate in severity. These updates are for Microsoft Windows, Internet Explorer, Office, Exchange, .NET Framework, Internet...

Revision Note: V1.0 (November 6, 2014): Advance notification published. Summary: This is an advance notification of security bulletins that Microsoft is intending to release on November 11, 2014 Continue reading...

Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32...

Severity Rating: Critical Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: Continue reading...

Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted input/output...

Today, as part of Update Tuesday, we released eight security updates – three rated Critical and five rated Important - to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). We encourage you to apply all of these updates...

Severity Rating: Critical Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially...

Today, we provide advance notification for the release of nine Security Bulletins. Three of these updates are rated Critical, five are rated as Important, and one is rated Moderate in severity. These updates are for Microsoft Windows, Internet Explorer, Office, .NET Framework, and ASP.NET. As...

Revision Note: V1.0 (October 9, 2014): Advance notification published. Summary: This is an advance notification of security bulletins that Microsoft is intending to release on October 14, 2014 Continue reading...