Today, as a part of our regular Update Tuesday process, we released four security bulletins – one rated Critical and three rated Important in severity – to address 42 Common Vulnerabilities & Exposures (CVEs) in Microsoft Windows, Internet Explorer, .NET Framework, and Lync Server. We encourage...
activex controls
advisories
credential protection
critical update
cve
deployment
exploit index
group policy
important updates
internet explorer
microsoft
remote code execution
security bulletin
security updates
september 2014
trustworthy computing
update tuesday
webcast
windows 7
windows server
Severity Rating: Critical
Revision Note: V1.0 (August 12, 2014): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file that...
Many around the globe have been following the 2014 FIFA World Cup Brazil™ closely. Regardless of which country you are supporting, many folks have been impressed by the defensive display put on by keeper Tim Howard in a loss against Belgium. It was a great performance highlighting a strong...
As security professionals, we are trained to think in worst-case scenarios. We run through the land of the theoretical, chasing “what if” scenarios as though they are lightning bugs to be gathered and stashed in a glass jar. Most of time, this type of thinking is absolutely the correct thing...
best practices
bulletin
critical updates
customer impact
cve
cybersecurity
flash player
internet explorer
legacy support
microsoft
protection mode
remote code execution
research
risk assessment
security
smartscreen
theoretical thinking
updates
vulnerabilities
web standards
T. S. Elliot once said, “What we call the beginning is often the end. And to make an end is to make a beginning. The end is where we start from.” So as we put one season to bed, let’s start another by looking at the April security updates. Today, we release four bulletins to address 11 CVEs in...
adobe flash
april 2014
bulletin
cumulative update
cve
exploit index
guidance
internet explorer
microsoft knowledge base
microsoft office
microsoft word
office 2003
remote code execution
security
security advisory
support end
updates
vulnerabilities
webcast
windows xp
This month we release five bulletins to address 23 unique CVEs in Microsoft Windows, Internet Explorer and Silverlight. If you need to prioritize, the update for Internet Explorer addresses the issue first described in Security Advisory 2934088, so it should be at the top of your list. While...
In addition to today being the security update release, February 11 is officially Link Removed for 2014. This year, we’re asking folks to Do 1 Thing to stay safer online. While you may expect my “Do 1 Thing” recommendation would be to apply security updates, I’m guessing that for readers of this...
critical updates
cve
cybersecurity
digital safety
direct2d
emet
forefront protection
important updates
internet explorer
malware prevention
microsoft
remote code execution
safer internet day
security updates
techsoup
update deployment
vbscript
web security
windows
windows defender
In January, there are those who like to make predictions about the upcoming year. I am not one of those people. Instead, I like to quote Niels Bohr who said, “Prediction is very difficult, especially if it’s about the future.” However, I can say without a doubt that change is afoot in 2014.
In...
adobe flash
applications
authentication
bulletin
cve
developers
january 2014
kernel
md5
microsoft
privilege
security
server
software
support
technology
update
vulnerabilities
webcast
windows xp
If you haven't had a chance to see the movie Gravity, I highly recommend you take the time to check it out. The plot moves a bit slowly at times, but director Alfonso Cuaron's work portrayal of zero gravity is worth the ticket price alone. Add in stellar acting and you end up with an epic movie...
activex
authenticity
certificates
cryptography
cumulative
cve
deployment
digital signatures
directaccess
emet
internet explorer
microsoft
rc4
remote code execution
security
sha1
sha2
updates
vulnerabilities
windows
If you haven't had a chance to see the movie Gravity, I highly recommend you take the time to check it out. The plot moves a bit slowly at times, but director Alfonso Cuaron's work portrayal of zero gravity is worth the ticket price alone. Add in stellar acting and you end up with an epic movie...
This month we release eight bulletins – four Critical and four Important - which address 26 unique CVEs in Microsoft Windows, Internet Explorer, SharePoint, .NET Framework, Office, and Silverlight. For those who need to prioritize their deployment planning, we recommend focusing on MS13-080...
.net framework
advisory
bulletins
cve
deployment
exploitability
internet explorer
md5
microsoft
october
office
remote code execution
security
sharepoint
ssl
trustworthy computing
updates
vulnerabilities
webcast
windows
Revision Note: V2.0 (August 10, 2010): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-049 to address this issue. For more information about this issue, including...
Original release date: January 10, 2013 | Last revised: February 06, 2013
Systems Affected
Any system using Oracle Java 7 (1.7, 1.7.0) including
Java Platform Standard Edition 7 (Java SE 7)
Java SE Development Kit (JDK 7)
Java SE Runtime Environment (JRE 7)
OpenJDK 7 and 7u
IcedTea...
Severity Rating: Important
Revision Note: V1.0 (February 12, 2013) Bulletin published.
Summary: This security update resolves three privately reported vulnerabilities in all supported releases of Microsoft Windows. The vulnerabilities could allow elevation of privilege if...
Today, we’re providing advance notification for six bulletins to help protect customers against 19 CVEs. The four Critical-rated updates will address 13 vulnerabilities in Microsoft Windows, Internet Explorer and the .NET Framework. One bulletin rated Important will address four...
advance notification
bulletin
critical
cve
deployment
important
internet explorer
microsoft
microsoft trustworthy computing
moderate
msrc
net framework
november
office
patch management
security
testing
update
vulnerabilities
windows
Resolves vulnerabilities in Microsoft Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that exploits the vulnerability. An attacker must have valid logon credentials...
More...
For Update Tuesday we’re releasing seven security bulletins – three Critical-class and four Important – addressing 26 unique CVEs to further improve the security postures of Microsoft Windows, Internet Explorer, Dynamics AX, Microsoft Lync, and the Microsoft .NET Framework. In...
Severity Rating: Important
Revision Note: V1.0 (December 13, 2011): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all...
affected software
attacker
cve
exploit
important
microsoft
ms11-093
ole
patch
remote code execution
revision note
security bulletin
security update
technet
user rights
vulnerability
windows server 2003
windows xp
Hello,
As you know, today is Update Tuesday. Before I go into the bulletin details, however, I wanted to let you know that today we’re notifying customers that Windows XP and Office 2003 will go out of support in April 2014. We understand that preparing to deploy the latest versions of...
april 2012
automatic updates
bulletin release
critical updates
cve
deployment guidance
end of support
internet explorer
malware protection
microsoft
office 2003
organizational upgrade
remote code execution
security bulletins
security updates
trustworthy computing
update tuesday
user rights
webcast
windows xp