code execution

Severity Rating: Important Revision Note: V1.1 (March 14, 2012): Removed erroneous installation switch option descriptions from the Security Update Deployment tables for all supported releases. This is an informational change only. There were no changes to the detection logic or the...

Severity Rating: Critical Revision Note: V1.0 (March 13, 2012): Bulletin published. Summary: This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an...

Resolves vulnerabilities that could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems... More...

Resolves a vulnerability in Active Directory that could allow remote code execution. More...

Resolves security vulnerabilities that exist in Windows Mail and in Windows Meeting Space that could allow remote code execution if a user opens a legitimate file (such as a .eml or .wcinv file) that is located in the same network directory as a... More...

Severity Rating: Important Revision Note: V1.5 (May 4, 2011): Corrected the bulletin replacement information for Remote Desktop Connection 5.2 Client on supported editions of Windows XP Service Pack 3. This is a bulletin change only. There were no changes to the detection or security...

Severity Rating: Important Revision Note: V4.0 (August 9, 2011): Added Microsoft Visual Studio 2010 Service Pack 1 (KB2565057) and Microsoft Visual C++ 2010 Redistributable Package Service Pack 1 (KB2565063) as Affected Software. See the update FAQ for details. Also corrected the...

Severity Rating: Critical - Revision Note: V1.0 (August 9, 2011): Bulletin published.Summary: This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain...

Severity Rating: Important - Revision Note: V1.0 (August 9, 2011): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate Excel file (such as a .xlsx file)...

Severity Rating: Important - Revision Note: V1.0 (August 9, 2011): Bulletin published.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An...

Two vulnerabilities found in industrial control system software made in China but used worldwide could be remotely exploited by attackers, according to a warning issued June 16 by the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) This could cause denial of service...

Severity Rating: Critical - Revision Note: V1.0 (June 14, 2011): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a network share (or visits a web site that...

Severity Rating: Important - Revision Note: V1.0 (April 12, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All...

Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in certain applications built using the Microsoft Foundation Class (MFC) Library. The vulnerability could allow remote code execution if a user opens a legitimate file associated with such an...

Revision Note: V2.0 (February 8, 2011): Summary and update FAQ revised to notify users that the 971029 update to Autorun that restricts AutoPlay functionality to CD and DVD media will be offered via automatic updating.Summary: Microsoft is announcing the availability of updates to the Autorun...

Revision Note: V1.2 (January 19, 2011): Clarified that the Modify the Access Control List (ACL) on shimgvw.dll workaround only applies to Windows XP and Windows Server 2003 systems and added a new workaround, Disable viewing of thumbnails in Windows Explorer on Windows Vista and Windows Server...

Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in Windows Backup Manager. The vulnerability could allow remote code execution if a user opens a legitimate Windows Backup Manager file that is located in the same network directory as a...

Severity Rating: Important - Revision Note: V1.0 (December 14, 2010): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in the Internet Connection Signup Wizard of Microsoft Windows. This security update is rated Important for all supported editions of...

Bulletin Severity Rating:Critical - This security update resolves several privately reported vulnerabilities in the Windows Open Type Font (OTF) driver that could allow remote code execution. An attacker could host a specially crafted OpenType font on a network share. The affected control path...

Revision Note: V1.1 (November 3, 2010): Added the opening of HTML mail in the Restricted sites zone as a mitigating factor, the automated Microsoft Fix it solution to the CSS workaround, and a finder acknowledgment. Removed reading e-mail in plain text as a workaround. Also clarified content in...