code execution

Resolves a vulnerability in Windows Explorer that could allow remote code execution if a user visited a specially crafted webpage. More...

Hello, Have you ever wondered why bulletins group particular issues together? Or one set of products and not another? Well today Jonathan Ness has posted an insightful Security Research & Defense (SRD) blog discussing some of the nuances and packaging decisions that went into MS12-034. This is...

Resolves a vulnerability in the Windows kernel-mode drivers that could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files. More...

Resolves a vulnerability in Windows that could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font in any of the three client applications that can render EOT fonts. More...

Java and .NET are like twins separated at birth, but what if you actually want to run your Java code on .NET? IKVM.NET aims to provide a full Java platform on top of the .NET Framework and in this talk we'll look at how this is accomplished and what the challenges are. Link Removed More...

Severity Rating: Important Revision Note: V1.1 (March 14, 2012): Removed erroneous installation switch option descriptions from the Security Update Deployment tables for all supported releases. This is an informational change only. There were no changes to the detection logic or the...

Severity Rating: Critical Revision Note: V1.0 (March 13, 2012): Bulletin published. Summary: This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an...

Resolves vulnerabilities that could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems... More...

Resolves a vulnerability in Active Directory that could allow remote code execution. More...

Resolves security vulnerabilities that exist in Windows Mail and in Windows Meeting Space that could allow remote code execution if a user opens a legitimate file (such as a .eml or .wcinv file) that is located in the same network directory as a... More...

Severity Rating: Important Revision Note: V1.5 (May 4, 2011): Corrected the bulletin replacement information for Remote Desktop Connection 5.2 Client on supported editions of Windows XP Service Pack 3. This is a bulletin change only. There were no changes to the detection or security...

Severity Rating: Important Revision Note: V4.0 (August 9, 2011): Added Microsoft Visual Studio 2010 Service Pack 1 (KB2565057) and Microsoft Visual C++ 2010 Redistributable Package Service Pack 1 (KB2565063) as Affected Software. See the update FAQ for details. Also corrected the...

Severity Rating: Critical - Revision Note: V1.0 (August 9, 2011): Bulletin published.Summary: This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain...

Severity Rating: Important - Revision Note: V1.0 (August 9, 2011): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate Excel file (such as a .xlsx file)...

Severity Rating: Important - Revision Note: V1.0 (August 9, 2011): Bulletin published.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An...

Two vulnerabilities found in industrial control system software made in China but used worldwide could be remotely exploited by attackers, according to a warning issued June 16 by the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) This could cause denial of service...

Severity Rating: Critical - Revision Note: V1.0 (June 14, 2011): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a network share (or visits a web site that...

Severity Rating: Important - Revision Note: V1.0 (April 12, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All...

Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in certain applications built using the Microsoft Foundation Class (MFC) Library. The vulnerability could allow remote code execution if a user opens a legitimate file associated with such an...

Revision Note: V2.0 (February 8, 2011): Summary and update FAQ revised to notify users that the 971029 update to Autorun that restricts AutoPlay functionality to CD and DVD media will be offered via automatic updating.Summary: Microsoft is announcing the availability of updates to the Autorun...