bulletin

Today we provide advance notification for the release of five bulletins for March 2014, two rated Critical and thee rated Important in severity. These updates address issues in Microsoft Windows, Internet Explorer and Silverlight. The update provided in MS14-012 fully addresses the issue first...

Severity Rating: Critical Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Forefront. The vulnerability could allow remote code execution if a specially crafted email message is scanned. Continue...

Severity Rating: Important Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves two publicly disclosed vulnerabilities and one privately reported vulnerability in Microsoft .NET Framework. The most severe vulnerability could allow elevation of...

Severity Rating: Critical Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet...

Severity Rating: Critical Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Forefront. The vulnerability could allow remote code execution if a specially crafted email message is scanned. Continue...

Today we’re publishing the Link Removed. We answered 16 questions in total, with the majority of questions focusing on the Dynamics AX bulletin (MS14-004), the update for Microsoft Word (MS14-001) and the re-release of the Windows 7 and Windows Server 2008 R2 updates provided through MS13-081...

Severity Rating: Important Revision Note: V1.4 (January 15, 2014): Bulletin revised to announce a detection change in update 2687356 (a.k.a. 2687442). This is a detection change only. Customers who have already successfully updated their systems do not need to take any action. Note that update...

Severity Rating: Important Revision Note: V2.2 (January 15, 2014): Bulletin revised to announce a detection change in update 2596911. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action. Summary: This security update...

In January, there are those who like to make predictions about the upcoming year. I am not one of those people. Instead, I like to quote Niels Bohr who said, “Prediction is very difficult, especially if it’s about the future.” However, I can say without a doubt that change is afoot in 2014. In...

Severity Rating: Important Revision Note: V1.0 (January 14, 2014): Bulletin published. Summary: This security update resolves three privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected...

Today we provide advance notification for the release of four bulletins for January 2014. All bulletins this month are rated Important in severity and address vulnerabilities in Microsoft Windows, Office, and Dynamics AX. The update provided in MS14-002 fully addresses the issue first described...

Two weeks ago I, along with 7,500 of my closest friends, attended the Black Hat security conference in Las Vegas, NV. I can’t speak for everyone, but I certainly had a great – if not exhausting – time while there. While there were a lot of great talks, a personal highlight for me each year is...

Today we’re publishing the Link Removed. We answered 17 questions in total, with the majority of questions focusing on the Graphics Component bulletin (MS13-096), Security Advisory 2915720 and Security Advisory 2905247. We also wanted to note a new blog on the Microsoft Security Blog site on...

There are times when we get too close to a topic. We familiarize ourselves with every aspect and nuance, but fail to recognize not everyone else has done the same. Whether you consider this myopia, navel-gazing, or human nature, the effect is the same. I recognized this during the recent webcast...

Severity Rating: Critical Revision Note: V1.0 (December 10, 2013): Bulletin published. Summary: This security update resolves seven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted...

Severity Rating: Important Revision Note: V1.0 (December 10, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted LPC port message to any LPC...

Severity Rating: Critical Revision Note: V1.0 (December 10, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user or application runs or installs a specially...

Revision Note: V1.0 (December 10, 2013): Advisory published. Summary: Microsoft is announcing the availability of an update for all supported releases of Windows to change how signatures are verified for binaries signed with the Windows Authenticode signature format. The change is included with...

Original release date: November 13, 2013 | Last revised: November 16, 2013 Systems Affected Windows Operating System and Components Microsoft Office Internet Explorer Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address...

Today we’re publishing the Link Removed. The majority of questions focused on the ActiveX Kill Bits bulletin (MS13-090) and the advisories. We also answered a few general questions that were not specific to any of this month’s updates, but that may be of interest. We’ve discussed the Microsoft...