exploit

  1. TA14-318A: Microsoft Secure Channel (Schannel) Vulnerability (CVE-2014-6321)

    Original release date: November 14, 2014 Systems Affected Microsoft Windows Vista, 7, 8, 8.1, RT, and RT 8.1 Microsoft Server 2003, Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2 Microsoft Windows XP and 2000 may also be affected. Overview A critical vulnerability in...
    • News
    • Thread
    • arbitrary code bulletin critical cve-2014-6321 exploit impact microsoft mitigations network traffic patching remote attack risk schannel security server ssl tls update vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  2. TA14-318B: Microsoft Windows OLE Automation Array Remote Code Execution Vulnerability

    Original release date: November 14, 2014 Systems Affected Microsoft Windows Vista, 7, 8, 8.1, RT, and RT 8.1 Microsoft Server 2003, Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2 Overview A vulnerability in Microsoft Windows Object Linking and Embedding (OLE) could allow...
    • News
    • Thread
    • administrator arbitrary code cve-2014-6332 execution exploit impact internet explorer memory mitigation ole privileged access remote code safearrayredim security server 2003 server 2008 update vbscript vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  3. MS14-079 - Moderate: Vulnerability in Kernel-Mode Driver Could Allow Denial of Service...

    Severity Rating: Moderate Revision Note: V1.0 (November 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker places a specially crafted TrueType font on a...
    • News
    • Thread
    • bulletin compromised websites denial of service email threats exploit internet safety it security kernel-mode microsoft moderate rating network share november 2014 security technical article truetype update user content vulnerability web attack windows
    • Replies: 0
    • Forum: Security Alerts

  4. MS14-078 - Moderate: Vulnerability in IME (Japanese) Could Allow Elevation of Privilege...

    Severity Rating: Moderate Revision Note: V1.0 (November 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Input Method Editor (IME) (Japanese). The vulnerability could allow sandbox escape based on the application sandbox policy...
    • News
    • Thread
    • access administrative attack cybersecurity data elevation exploit ime japanese microsoft moderate patch privilege protection risk sandbox security software update vulnerability
    • Replies: 0
    • Forum: Security Alerts

  5. MS14-063 - Important: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of...

    Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32...
    • News
    • Thread
    • arbitrary code bulletin driver elevation exploit fastfat fat32 important microsoft october 2014 patch privately reported privileges risk security software system driver update vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  6. MS14-061 - Important: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote...

    Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted...
    • News
    • Thread
    • administrator rights attack exploit microsoft microsoft word october 2014 office web apps remote code execution security update user rights vulnerability
    • Replies: 0
    • Forum: Security Alerts

  7. MS14-062 - Important: Vulnerability in Message Queuing Service Could Allow Elevation of...

    Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted input/output...
    • News
    • Thread
    • administrative bulletin elevation of privilege exploit message queuing patch security update vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  8. NEWS First Shellshock botnet attacks Akamai, US DoD networks

    Wopbot on the rampage. Attackers have been quick to exploit the Shellshock Bash command interpreter bug disclosed yesterday by building a botnet that is currently trying to infect other servers, according to a security researcher. The "wopbot" botnet is active and scanning the internet for...
    • whoosh
    • Thread
    • akamai attack auto-infect bash botnet cybersecurity defense emanuele gentili exploit internet linux researcher security shellshock vulnerabilities
    • Replies: 0
    • Forum: The Water Cooler

  9. MS14-052 - Critical: Cumulative Security Update for Internet Explorer (2977629) - Version: 1.0

    Severity Rating: Critical Revision Note: V1.0 (September 9, 2014): Bulletin published. Summary: This security update resolves one publicly disclosed and thirty-six privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution...
    • News
    • Thread
    • critical cumulative exploit internet explorer microsoft remote code execution security update user rights vulnerabilities
    • Replies: 0
    • Forum: Security Alerts

  10. TA14-212A: Backoff Point-of-Sale Malware

    Original release date: July 31, 2014 Systems Affected Point-of-Sale Systems Overview This advisory was prepared in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), Financial Sector Information Sharing and...
    • News
    • Thread
    • antivirus backoff brute force command control consumer protection cybersecurity data breach exfiltration exploit forensics indicators it security keylogging malware mitigation network security payment data point-of-sale remote desktop risk management
    • Replies: 0
    • Forum: Security Alerts

  11. Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege - Version: 1.0

    Severity Rating: Important Revision Note: V1.0 (May 13, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application that uses...
    • News
    • Thread
    • exploit local access microsoft privileges security shell handler shellexecute update vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  12. VIDEO Addressing Internet "Heartbleed" Emergency

    This website is not affected by the exploit in any way. Further information: Last night news about a remote OpenSSL bug was disclosed on http://heartbleed.com/ which detailed out an exploit in the OpenSSL system library that handles HTTPS connections on your server. This bug impacts CentOS 6.x...
    • Mike
    • Thread
    • bug centos cpanel emergency exploit heartbleed https internet litespeed networking openssl patch security server software ssl support update vulnerability whm
    • Replies: 4
    • Forum: Forum Announcements

  13. TA14-098A: OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)

    Original release date: April 08, 2014 Systems Affected OpenSSL 1.0.1 through 1.0.1f OpenSSL 1.0.2-beta Overview A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory...
    • News
    • Thread
    • credentials cve-2014-0160 data exposure exploit heartbleed impact key material memory mitigation openssl patch perfect forward secrecy public access public disclosure revision history security security flaw system administrators tls vulnerability
    • Replies: 0
    • Forum: Security Alerts

  14. MS14-019: Vulnerability in Windows file handling component could allow remote code execution:...

    Continue reading...
    • News
    • Thread
    • exploit file handling microsoft ms14-019 patch remote code execution risk security update vulnerability windows
    • Replies: 0
    • Forum: Knowledge Base (KB)

  15. The March 2014 Security Updates

    This month we release five bulletins to address 23 unique CVEs in Microsoft Windows, Internet Explorer and Silverlight. If you need to prioritize, the update for Internet Explorer addresses the issue first described in Security Advisory 2934088, so it should be at the top of your list. While...
    • News
    • Thread
    • adobe flash aslr bulletins critical updates customer security cve deployment exploit internet explorer malware mitigation ms14-012 ms14-014 remote code execution response communications security silverlight updates vulnerabilities webcast
    • Replies: 0
    • Forum: Security Alerts

  16. Advance Notification Service for the January 2014 Security Bulletin Release

    Today we provide advance notification for the release of four bulletins for January 2014. All bulletins this month are rated Important in severity and address vulnerabilities in Microsoft Windows, Office, and Dynamics AX. The update provided in MS14-002 fully addresses the issue first described...
    • News
    • Thread
    • ans bulletin deployment dynamics ax exploit guidance impact january 2014 microsoft msrc office pst risk security server 2003 update vulnerabilities windows windows xp
    • Replies: 0
    • Forum: Security Alerts

  17. Microsoft Releases Security Advisory 2896666

    Today we released Security Advisory 2896666 regarding an issue that affects customers using Microsoft Windows Vista and Windows Server 2008, Microsoft Office 2003 through 2010, and all supported versions of Microsoft Lync. We are aware of targeted attacks, largely in the Middle East and South...
    • News
    • Thread
    • advisory anti-spyware anti-virus caution computer protection emet exploit firewall malicious email metigations office 2003 office 2010 security server 2008 threat monitoring tiff codec user awareness user rights vulnerability windows vista
    • Replies: 0
    • Forum: Security Alerts

  18. MS13-099: Vulnerability in Microsoft Scripting Runtime Object Library could allow remote code...

    Continue reading...
    • News
    • Thread
    • code execution exploit library microsoft ms13-099 patch remote risk runtime scripting security support threat update vulnerability
    • Replies: 0
    • Forum: Knowledge Base (KB)

  19. MS13-098: Vulnerability in Windows could allow remote code execution: December 10, 2013

    Continue reading...
    • News
    • Thread
    • cve exploit microsoft ms13-098 patch remote code execution security update vulnerability windows
    • Replies: 0
    • Forum: Knowledge Base (KB)

  20. MS13-106 - Important : Vulnerability in a Microsoft Office Shared Component Could Allow...

    Severity Rating: Important Revision Note: V1.0 (December 10, 2013): Bulletin published. Summary: This security update resolves one publicly disclosed vulnerability in a Microsoft Office shared component that is currently being exploited. The vulnerability could allow security feature bypass if a...
    • News
    • Thread
    • aslr exploit internet explorer microsoft office patch security update vulnerability web browser
    • Replies: 0
    • Forum: Security Alerts