Severity Rating: Important
Revision Note: V1.0 (January 8, 2013): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in the Open Data (OData) protocol. The vulnerability could allow denial of service if an unauthenticated attacker...
Revision Note: V2.0 (December 29, 2011): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-100 to address this issue. For more information about this issue...
Resolves a vulnerability in Windows that could allow denial of service if a remote attacker sends a specially crafted session request to the Kerberos server. Firewall best practices and standard default firewall configurations can help protect networks...
More...
Severity Rating: Important
Revision Note: V1.0 (October 9, 2012): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote attacker sends a specially...
Security Advisory 2661254 - Update For Minimum Certificate Key Length
Before we get into the details of this month’s bulletin release, let’s take a look at an important change on how Windows deals with certificates that have RSA keys of less than 1024 bits in length.
We’ve been...
august 2012
certificate
critical updates
cumulative updates
denialofservice
deployment priority
enterprise administrators
internet explorer
microsoft office
public key infrastructure
remote code execution
rsa keys
security advisory
security bulletins
security updates
sql server
vulnerabilities
windows networking
windows update
xml core services
Resolves a vulnerability in Secure Channel (SChannel) security package in Windows that could allow denial of service if an affected Internet Information Services (IIS) server hosting an SSL web site received a specially crafted packet message.
More...
Revision Note: V2.0 (December 29, 2011): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-100 to address this issue. For more information about this issue...
On March 15, we became aware of public proof-of-concept code that results in denial of service for the issue addressed by MS12-020, which we released Tuesday.
We continue to watch the threat landscape and we are not aware of public proof-of-concept code that results in remote code execution...
Resolves vulnerabilities that could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems...
More...
Resolves a vulnerability in Windows DirectWrite that could allow denial of service if an attacker sends a specially crafted sequence of Unicode characters directly to an Instant Messenger client.
More...
Severity Rating: Important
Revision Note: V1.0 (March 13, 2012): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote unauthenticated attacker sends a...
Severity Rating: Moderate
Revision Note: V1.0 (March 13, 2012): Bulletin published.
Summary: This security update resolves a publicly disclosed vulnerability in Windows DirectWrite. In an Instant Messenger-based attack scenario, the vulnerability could allow denial of...
asp.net
authentication
custom code
cve
denialofservice
exchange 2010
exploitability index
forms authentication
hashtables
iis
internet-facing
patching
security
server environment
technical guidance
update
vulnerability
web servers
windows server
windows update
Hello,
Today we released Security Update MS11-100 to address the issue described in Security Advisory 2659883.
The security update has a severity rating of Critical and resolves a publicly disclosed remote unauthenticated Denial of Service issue in ASP.NET versions 1.1 and above on all supported...
Revision Note: V1.0 (December 28, 2011): Advisory published.
Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit hash tables. Attacks targeting this type of vulnerability are generically known as hash collision attacks. Attacks...
Resolves a vulnerability in Microsoft Windows that could allow Denial of Service if a user navigates to a specially crafted TrueType font on a network share.
More...
Severity Rating: Moderate
Revision Note: V1.0 (November 8, 2011): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType...
Severity Rating: Important
Revision Note: V1.0 (October 11, 2011): Bulletin published.
Summary: This security update resolves two publicly disclosed vulnerabilities in Host Integration Server. The vulnerabilities could allow denial of service if a remote attacker sends...