bulletin

Severity Rating: Important Revision Note: V1.0 (August 12, 2014): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft SharePoint Server. An authenticated attacker who successfully exploited this vulnerability could use a specially crafted...

Severity Rating: Important Revision Note: V1.0 (August 12, 2014): Bulletin published. Summary: This security update resolves two privately reported vulnerabilities in Microsoft SQL Server (one in SQL Server Master Data Services and the other in the SQL Server relational database management...

Revision Note: V1.0 (August 7, 2014): Advance notification published. Summary: This is an advance notification of security bulletins that Microsoft is intending to release on August 12, 2014. Continue reading...

This update addresses the vulnerability discussed in Microsoft Security Bulletin MS14-037. To find out if other security updates are available for you, see the Additional Information section at the bottom of this page. Link Removed

This update addresses the vulnerability discussed in Microsoft Security Bulletin MS14-037. To find out if other security updates are available for you, see the Additional Information section at the bottom of this page. Link Removed

Many around the globe have been following the 2014 FIFA World Cup Brazil™ closely. Regardless of which country you are supporting, many folks have been impressed by the defensive display put on by keeper Tim Howard in a loss against Belgium. It was a great performance highlighting a strong...

As security professionals, we are trained to think in worst-case scenarios. We run through the land of the theoretical, chasing “what if” scenarios as though they are lightning bugs to be gathered and stashed in a glass jar. Most of time, this type of thinking is absolutely the correct thing...

Severity Rating: Important Revision Note: V1.0 (June 10, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow tampering if an attacker gains access to the same network segment as the targeted...

Severity Rating: Important Revision Note: V1.0 (June 10, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends a sequence of specially crafted packets to the...

Today we provide advance notification for the release of seven Bulletins, two rated Critical and five rated Important in severity. These Updates are for Microsoft Word, Microsoft Office and Internet Explorer. The Update for Internet Explorer addresses Link Removed, which we have not seen used in...

Severity Rating: Critical Revision Note: V1.1 (May 20, 2014): Clarified in the vulnerability FAQ what systems are primarily at risk for CVE-2014-0317. Added Update FAQ to explain why users running Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server...

Severity Rating: Critical Revision Note: V1.1 (April 17, 2014): Revised bulletin to help clarify that although Internet Explorer 10 is not affected by the vulnerabilities described in this bulletin, an update is available for Internet Explorer 10 that includes non-security updates. See the...

Severity Rating: Revision Note: V2.0 (December 10, 2013): Advisory updated to reflect publication of security bulletin. Summary: Microsoft has completed the investigation into a private report of this vulnerability. We have issued MS13-096 to address the Microsoft Graphics Component Memory...

Severity Rating: Critical Revision Note: V2.0 (January 14, 2014): Rereleased bulletin to announce the reoffering of the 2862330 update to systems running Windows 7 or Windows Server 2008 R2. See the Update FAQ for details. Summary: This security update resolves seven privately reported...

Severity Rating: Revision Note: V2.0 (December 13, 2011): Advisory updated to reflect publication of security bulletins. Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-087 to address this issue. For more information about this...

T. S. Elliot once said, “What we call the beginning is often the end. And to make an end is to make a beginning. The end is where we start from.” So as we put one season to bed, let’s start another by looking at the April security updates. Today, we release four bulletins to address 11 CVEs in...

Severity Rating: Critical Revision Note: V1.0 (April 8, 2014): Bulletin published. Summary: This security update resolves six privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using...

Today we provide advance notification for the release of four bulletins, two rated Critical and two rated Important in severity. These updates address issues in Microsoft Windows, Office and Internet Explorer. The update provided through MS14-017 fully addresses the Microsoft Word issue first...

Today we published the Link Removed. We answered eight questions in total, with the majority focusing on the updates for Windows (MS14-016) and Internet Explorer (MS14-012). One question that was not answered on air has been included on the Q&A page. Here is the video replay. We invite you to...

Severity Rating: Critical Revision Note: V1.0 (March 11, 2014): Bulletin published. Summary: This security update resolves one publicly disclosed vulnerability and seventeen privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user...