exploit

Severity Rating: Critical Revision Note: V1.2 (September 18, 2013): Corrected language in the vulnerability FAQ, How could an attacker exploit the vulnerability? This is an informational change only. Summary: This security update resolves a privately reported vulnerability in Microsoft Office...

Severity Rating: Critical Revision Note: V1.2 (September 18, 2013): Corrected language in the vulnerability FAQ, How could an attacker exploit the vulnerability? This is an informational change only. Summary: This security update resolves a privately reported vulnerability in Microsoft Office...

Severity Rating: Critical Revision Note: V1.0 (September 10, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a file that contains a specially crafted OLE...

Severity Rating: Important Revision Note: V1.0 (September 10, 2013): Bulletin published. Summary: This security update resolves 13 privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a specially crafted file is opened in an...

Researcher uses big Facebook vulnerability to post on Mark Zuckerberg’s wall The user submitted the exploit to the Bug Bounty Program, which, apparently, refused to acknowledge it, and the user then demonstrated the exploit on Mr. Zuckerberg's Facebook profile page. Link Removed To add...

Severity Rating: Important Revision Note: V1.2 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2770660 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...

Severity Rating: Critical Revision Note: V1.0 (July 9, 2013): Bulletin published. Summary: This security update resolves four privately reported vulnerabilities and two publicly disclosed vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The most severe of these...

Original release date: July 12, 2013 Systems Affected McAfee ePolicy Orchestrator (ePO) Overview A new exploit tool targets two vulnerabilities in McAfee’s ePolicy Orchestrator (ePO). Description A new exploit tool specifically built to attack McAfee’s ePolicy Orchestrator (ePO) targets...

Revision Note: V1.0 (May 14, 2013): Advisory published. Summary: Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update addresses a...

Original release date: July 12, 2013 Systems Affected McAfee ePolicy Orchestrator (ePO) Overview A new exploit tool targets two vulnerabilities in McAfee’s ePolicy Orchestrator (ePO).  Description A new exploit tool specifically built to attack McAfee’s ePolicy Orchestrator (ePO)...

More...

Severity Rating: Important Revision Note: V1.0 (June 11, 2013): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted...

Severity Rating: Important Revision Note: V1.0 (June 11, 2013): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted...

Revision Note: V1.0 (May 14, 2013): Advisory published. Summary: Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update...

Severity Rating: Critical Revision Note: V1.0 (May 14, 2013): Bulletin published. Summary: This security update resolves one publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted...

We've recently been having problems with redirects when clicking the links of search results in our browsers (IE and Firefox). We tried a few different virus scans and nothing was able to find it. However, we did realize that Microsoft Security Essentials would not run when we clicked the...

Severity Rating: Important Revision Note: V1.0 (April 9, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in all supported editions of Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008. The...

Before we discuss this month’s release, I wanted to briefly touch on the big event happening this week. No, I’m not talking about the romantically-themed holiday on Thursday. I’m talking about the start of spring training and the return of baseball. There are a few things I am...

Severity Rating: Critical Revision Note: V1.0 (February 12, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code...

Revision Note: V1.0 (August 20, 2012): Advisory published. Summary: Microsoft is aware that detailed exploit code has been published for known weaknesses in the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2). The MS-CHAP v2 protocol is widely used as an...