exploit

Since the start of April there has been a serious security problem in the Skype for Mac client which could allow an attacker to remotely get access to a shell. Skype released a fix in the middle of April but did not push out an update notification as it believed the problem was not being...

Although Microsoft has patched multiple DLL load hijacking vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) can still be exploited, a security company warned today. Link Removed

Bulletin Severity Rating:Important - This security update resolves nine privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these...

Bulletin Severity Rating:Important - This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file or if a user opens a...

A new exploit for IE9 bypasses all security measures in even the latest fully patched version of Windows 7, according to a French security company Vupen. Link Removed - Invalid URL

A new exploit for IE9 bypasses all security measures in even the latest fully patched version of Windows 7, according to a French security company Vupen. More...

Revision Note: V1.1 (March 11, 2011): Revised Executive Summary to reflect investigation of limited, targeted attacks. Advisory Summary:Microsoft is investigating new public reports of a vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to...

Severity Rating: Important - Revision Note: V1.0 (February 8, 2011): Bulletin published.Summary: This security update resolves five privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially...

Revision Note: V1.2 (January 19, 2011): Clarified that the Modify the Access Control List (ACL) on shimgvw.dll workaround only applies to Windows XP and Windows Server 2003 systems and added a new workaround, Disable viewing of thumbnails in Windows Explorer on Windows Vista and Windows Server...

Hello. Today we're releasing Link Removed due to 404 Error, which describesa publicly disclosed scripting vulnerability affecting all versions ofMicrosoft Windows. The main impact of the vulnerability is unintendedinformation disclosure. We're aware of publishedinformation and proof-of-concept...

Revision Note: V1.1 (January 5, 2011): Added a link to the automated Microsoft Fix it solution for the Modify the Access Control List (ACL) on shimgvw.dll workaround.Summary: Microsoft is investigating new public reports of a vulnerability in the Windows Graphics Rendering Engine. An attacker...

Revision Note: V1.1 (January 5, 2011): Added a link to the automated Microsoft Fix it solution for the Modify the Access Control List (ACL) on shimgvw.dll workaround. Advisory Summary:Microsoft is investigating new public reports of a vulnerability in the Windows Graphics Rendering Engine. An...

Microsoft investigates unpatched vulnerability Security researchers have released attack code that exploits an unpatched bug in Microsoft's Internet Explorer (IE) and sidesteps defenses baked into Windows 7. Link Removed - Invalid URL

Microsoft investigates unpatched vulnerability Security researchers have released attack code that exploits an unpatched bug in Microsoft's Internet Explorer (IE) and sidesteps defenses baked into Windows 7. Link Removed - Invalid URL

Severity Rating: Important - Revision Note: 1.0 (December 14, 2010): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in Windows Media Encoder. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate...

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a file type such as .eml and .rss (Windows Live Mail) or .wpost (Microsoft Live Writer) located in the...

Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in Windows Address Book. The vulnerability could allow remote code execution if a user opens a Windows Address Book file located in the same network folder as a specially crafted library file...

Source: Neowin.net - Exclusive: New Facebook exploit hits the web Update: If your account has been hijacked, take the following steps: 1) Visit the Facebook "Upload via Email" page 2) Click "Send me my upload email" 3) Click the "refresh your upload email" link. This will reset your...

Hi everyone, Today we released Link Removed due to 404 Error to address a new vulnerability that could impact Internet Explorer users if they visit a website hosting malicious code. As of now, the impact of this vulnerability is extremely limited and we are not aware of any affected customers...

Severity Rating: Moderate - Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in the Microsoft Foundation Class (MFC) Library. The vulnerability could allow remote code execution if a user is logged on with...