exploitability

  1. News

    MS16-FEB - Microsoft Security Bulletin Summary for February 2016 - Version: 2.0

    Revision Note: V2.0 (February 10, 2016): For MS16-014, Bulletin Summary revised to announce the availability of update 3126041 for Microsoft Windows Vista, Windows Server 2008, Windows Server 2008 for Itanium-based Systems, Windows 8.1, and Windows Server 2012 R2. Customers should apply the...
  2. News

    April 2015 Updates

    Today, as part of Update Tuesday, we released 11 security bulletins. We encourage customers to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploitability Index (XI), visit the Microsoft Bulletin Summary webpage. If you...
  3. News

    August 2014 Security Updates

    Today, as part of Update Tuesday, we released nine security updates – two rated Critical and seven rated Important – to address 37 Common Vulnerabilities & Exposures (CVEs) in SQL Server, OneNote, SharePoint, .NET, Windows and Internet Explorer (IE). We encourage you to apply all of these...
  4. News

    The October 2013 security updates

    This month we release eight bulletins – four Critical and four Important - which address 26 unique CVEs in Microsoft Windows, Internet Explorer, SharePoint, .NET Framework, Office, and Silverlight. For those who need to prioritize their deployment planning, we recommend focusing on MS13-080...
  5. News

    A new policy for store apps and the July 2013 security updates

    There are those I’ve met who think my life is something akin to the classic comedy Groundhog Day. No, I don’t wake up to the musical stylings of Sonny and Cher each morning, but month after month after month, the second Tuesday rolls around and I’m involved in releasing...
  6. News

    Microsoft Customer Protections for May 2013

    Today, we are releasing 10 bulletins, addressing 33 vulnerabilities in Microsoft products. Before we get into the details, we wanted to first let our enterprise customers know about a change in how we’re communicating technical details within our security advisories. Starting today...
  7. News

    Summary for February 2013 - Version: 1.2

    Revision Note: V1.2 (February 13, 2013): For MS13-014, corrected the Exploitability Assessment for Latest Software Release in the Exploitability Index for CVE-2013-1281. Summary: This bulletin summary lists security bulletins released for February 2013. More...
  8. News

    Update Tuesday overview for September 2012

    As I previously mentioned in the Advance Notification blog on Thursday, today we are releasing two security bulletins, both of which are rated Important. These bulletins will increase protection by addressing two unique vulnerabilities in the following Microsoft products: MS12-061 (Visual...
  9. News

    Summary for July 2012 - Version: 1.1

    Revision Note: V1.1 (July 10, 2012): Removed CVE-2012-1860 from the Exploitability Index because the vulnerability has a Moderate severity rating. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included in the Exploitability Index...
  10. News

    MSRC looks back at ten years, and the February 2012 bulletins

    Ever wondered where Update Tuesday bulletins come from, or what it’s like around Microsoft when a serious information-security situation arises? Or wondered who precisely is responsible for getting your monthly bulletin releases out the door? Update Tuesday, which brings us here today, is...
  11. News

    January 2012 Security Bulletins Released

    Hello. As I previously mentioned in the Advance Notification Service blog post on Thursday, today we are releasing seven security bulletins, one of which is rated Critical in severity, with the remaining six classified as Important. These bulletins will address eight vulnerabilities in Microsoft...
  12. News

    Summary for December 2011 - Version: 1.1

    Revision Note: V1.1 (December 13, 2011): For MS11-099, corrected the severity ratings in the Affected Software table. For MS11-088, corrected the Key Note in the Exploitability Index. These are informational changes only. There were no changes to the security update files or detection logic...
  13. News

    Summary for December 2011 - Version: 1.1

    Revision Note: V1.1 (December 13, 2011): For MS11-099, corrected the severity ratings in the Affected Software table. For MS11-088, corrected the Key Note in the Exploitability Index. These are informational changes only. There were no changes to the security update files or detection logic...
  14. News

    Microsoft hosts BlueHatv11, releases four bulletins

    Hello, On this November Update Tuesday, we’re recapping the Link Removed, which Microsoft hosted in Redmond last week. We are also releasing four security updates, so please read on for details. Microsoft hosted its Link Removed of the BlueHat conference Nov. 2-4. The event featured...
  15. News

    Summary for August 2011 - Version: 1.1

    Revision Note: V1.1 (August 10, 2011): For MS11-059, corrected restart requirement information in the Executive Summaries section. For MS11-065, corrected key note in the Exploitability Index for CVE-2011-1968. For MS11-068, revised Server Core notation for Windows Server 2008 and Windows Server...
  16. News

    MSRC Progress Report Shows Continued Progress of MSRC Key Initiatives

    Today, the MSRC released its Link Removed due to 404 Errort highlighting advancements of key Microsoft programs designed to help prevent and defend against online threats. The Microsoft programs featured in this paper include the following: The Link Removed due to 404 Error (MAPP) and Link...
  17. News

    Autorun-Related Malware Declines and the June 2011 Security Bulletin Release

    Hello there. First off, I’d like to share some news regarding the updates we made to the Autorun feature in Security Advisory 967940, which we released in February 2011. The advisory made changes to how Autorun handles “non-shiny” media (eg., USB thumb drives). The change was...
  18. News

    May 2011 Security Bulletin Release

    Hello everyone, Pete Voss here again, and as I previously mentioned in the Advanced Notification on Thursday, today we are releasing two bulletins to help protect customers. The bulletins address a Critical vulnerability in Microsoft Windows and two Important vulnerabilities in Microsoft Office...
  19. News

    Exploitability Index Improvements Now Offer Additional Guidance

    Exploitability Index Improvements Now Offer Additional Guidance In October of 2008, Microsoft published its first Link Removed a rating system that helps customers identify the likelihood that a specific vulnerability would be exploited within the first 30 days after bulletin release. As of...
  20. News

    Announcing the Microsoft Security Update Guide, Second Edition

    Hi all -- We're pleased to announce the release of the new Link Removed due to 404 Error. Fully revised and updated from the first edition, which was released in 2009, this edition focuses on best practices for prioritizing and testing security updates before deployment within your...
Back
Top