bulletin

Severity Rating: Critical Revision Note: V1.1 (May 20, 2014): Clarified in the vulnerability FAQ what systems are primarily at risk for CVE-2014-0317. Added Update FAQ to explain why users running Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server...

Severity Rating: Critical Revision Note: V1.1 (April 17, 2014): Revised bulletin to help clarify that although Internet Explorer 10 is not affected by the vulnerabilities described in this bulletin, an update is available for Internet Explorer 10 that includes non-security updates. See the...

Severity Rating: Revision Note: V2.0 (December 10, 2013): Advisory updated to reflect publication of security bulletin. Summary: Microsoft has completed the investigation into a private report of this vulnerability. We have issued MS13-096 to address the Microsoft Graphics Component Memory...

Severity Rating: Critical Revision Note: V2.0 (January 14, 2014): Rereleased bulletin to announce the reoffering of the 2862330 update to systems running Windows 7 or Windows Server 2008 R2. See the Update FAQ for details. Summary: This security update resolves seven privately reported...

Severity Rating: Revision Note: V2.0 (December 13, 2011): Advisory updated to reflect publication of security bulletins. Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-087 to address this issue. For more information about this...

T. S. Elliot once said, “What we call the beginning is often the end. And to make an end is to make a beginning. The end is where we start from.” So as we put one season to bed, let’s start another by looking at the April security updates. Today, we release four bulletins to address 11 CVEs in...

Severity Rating: Critical Revision Note: V1.0 (April 8, 2014): Bulletin published. Summary: This security update resolves six privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using...

Today we provide advance notification for the release of four bulletins, two rated Critical and two rated Important in severity. These updates address issues in Microsoft Windows, Office and Internet Explorer. The update provided through MS14-017 fully addresses the Microsoft Word issue first...

Today we published the Link Removed. We answered eight questions in total, with the majority focusing on the updates for Windows (MS14-016) and Internet Explorer (MS14-012). One question that was not answered on air has been included on the Q&A page. Here is the video replay. We invite you to...

This month we release five bulletins to address 23 unique CVEs in Microsoft Windows, Internet Explorer and Silverlight. If you need to prioritize, the update for Internet Explorer addresses the issue first described in Security Advisory 2934088, so it should be at the top of your list. While...

Severity Rating: Critical Revision Note: V1.0 (March 11, 2014): Bulletin published. Summary: This security update resolves one publicly disclosed vulnerability and seventeen privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user...

Today we provide advance notification for the release of five bulletins for March 2014, two rated Critical and thee rated Important in severity. These updates address issues in Microsoft Windows, Internet Explorer and Silverlight. The update provided in MS14-012 fully addresses the issue first...

Severity Rating: Critical Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Forefront. The vulnerability could allow remote code execution if a specially crafted email message is scanned. Continue...

Severity Rating: Important Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves two publicly disclosed vulnerabilities and one privately reported vulnerability in Microsoft .NET Framework. The most severe vulnerability could allow elevation of...

Severity Rating: Critical Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet...

Severity Rating: Critical Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Forefront. The vulnerability could allow remote code execution if a specially crafted email message is scanned. Continue...

Today we’re publishing the Link Removed. We answered 16 questions in total, with the majority of questions focusing on the Dynamics AX bulletin (MS14-004), the update for Microsoft Word (MS14-001) and the re-release of the Windows 7 and Windows Server 2008 R2 updates provided through MS13-081...

Severity Rating: Important Revision Note: V1.4 (January 15, 2014): Bulletin revised to announce a detection change in update 2687356 (a.k.a. 2687442). This is a detection change only. Customers who have already successfully updated their systems do not need to take any action. Note that update...

Severity Rating: Important Revision Note: V2.2 (January 15, 2014): Bulletin revised to announce a detection change in update 2596911. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action. Summary: This security update...

In January, there are those who like to make predictions about the upcoming year. I am not one of those people. Instead, I like to quote Niels Bohr who said, “Prediction is very difficult, especially if it’s about the future.” However, I can say without a doubt that change is afoot in 2014. In...