You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
exploit index
About this tag
The exploit index (XI) is a Microsoft security metric that helps IT professionals assess the likelihood of a vulnerability being exploited. On WindowsForum, discussions around the exploit index appear in the context of monthly security update releases, such as those from 2014. In these threads, Microsoft provides the exploit index breakdown for each Common Vulnerability and Exposure (CVE) addressed in that month's bulletins. The index is used to prioritize deployment planning, with critical updates recommended first. The tag covers how the exploit index is calculated and applied to vulnerabilities in Microsoft Windows, Internet Explorer, Office, .NET Framework, and other products. It is a tool for understanding exploit risk and guiding patch management decisions.
Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office and Exchange.
We encourage you to apply all of...
adobe flash
bulletin
critical update
cumulative update
december
exchange server
exploitindex
important updates
internet explorer
microsoft office
msrc
patch
remote code execution
security
security advisory
security bulletin
technet
update
vulnerability
Today, as part of Update Tuesday, we released 14 security updates – four rated Critical, nine rated Important, and two rated Moderate, to address 33 Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office, .NET Framework, Internet Information Services...
ad fs
critical
cve
deployment
encryption
exploitindex
iis
important
internet explorer
microsoft
moderate
net framework
november 2014
office
rdp
security
security advisory
update
vulnerability
windows
Today, as part of Update Tuesday, we released eight security updates – three rated Critical and five rated Important - to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). We encourage you to apply all of these updates...
activex controls
bulletin
critical update
deployment
exploitindex
exposure
important updates
internet explorer
java
net framework
october 2014
office
patch management
security advisory
security updates
silverlight
vulnerability
vulnerability management
webcast
windows
Today, as a part of our regular Update Tuesday process, we released four security bulletins – one rated Critical and three rated Important in severity – to address 42 Common Vulnerabilities & Exposures (CVEs) in Microsoft Windows, Internet Explorer, .NET Framework, and Lync Server. We encourage...
activex controls
advisory
credential protection
critical update
cve
deployment
exploitindex
group policy
important updates
internet explorer
microsoft
remote code execution
security bulletin
security updates
september 2014
trustworthy computing
update tuesday
webcast
windows 7
windows server
Today, as part of Update Tuesday, we released nine security updates – two rated Critical and seven rated Important – to address 37 Common Vulnerabilities & Exposures (CVEs) in SQL Server, OneNote, SharePoint, .NET, Windows and Internet Explorer (IE). We encourage you to apply all of these...
2014
activex
critical
cumulative update
deployment
exploitindexexploitability
important
internet explorer
microsoft
onenote
patch management
security
sharepoint
sql server
trustworthy computing
update
vulnerability
webcast
T. S. Elliot once said, “What we call the beginning is often the end. And to make an end is to make a beginning. The end is where we start from.” So as we put one season to bed, let’s start another by looking at the April security updates. Today, we release four bulletins to address 11 CVEs in...
adobe flash
april 2014
bulletin
cumulative update
cve
end of support
exploitindex
guidance
internet explorer
knowledge base
microsoft office
microsoft word
office 2003
remote code execution
security
security advisory
update
vulnerability
webcast
windows xp