exploitation

Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit any of these... More...

Severity Rating: Critical Revision Note: V1.0 (June 12): Bulletin published. Summary: This security update resolves one privately reported vulnerability in the Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a...

Resolves a vulnerability in ASP.NET that could allow information disclosure. An attacker that successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. Link Removed

Resolves a vulnerability in ASP.NET that could allow information disclosure. An attacker that successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. Link Removed

Resolves vulnerabilities in Windows Media Player and Windows Media Center that could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. More...

Resolves a vulnerability in Windows Movie Maker and Microsoft Office Producer for Microsoft Office PowerPoint 2003 that could allow remote code execution if an attacker sent a specially crafted Movie Maker or Producer file. More...

Resolves vulnerabilities in Microsoft Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. More...

Severity Rating: Important Revision Note: V1.0 (May 8, 2012): Bulletin published. Summary: This security update resolves one publicly disclosed and five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user...

It took Redmond 1 day to kill a threat that allowed users with a Firefox add-on (Tamper Data) to remotely reset the password of a Hotmail account and allowing them to access the outgoing HTTP request, then modify the data. Microsoft was notified April 20, 2012, applied the fix April 21...

Resolves a vulnerability in the Cinepak Codec that allow remote code execution if a user opens a specially crafted media file or receive specially crafted streaming content from a Web site or any application that delivers Web content. More...

Severity Rating: Important Revision Note: V1.0 (April 10, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Office and Microsoft Works. The vulnerability could allow remote code execution if a user opens a...

Severity Rating: Important Revision Note: V1.0 (April 10, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Office and Microsoft Works. The vulnerability could allow remote code execution if a user opens a...

Severity Rating: Critical Revision Note: V1.0 (April 10, 2012): Bulletin published. Summary: This security update resolves a privately disclosed vulnerability in Windows common controls. The vulnerability could allow remote code execution if a user visits a website...

Severity Rating: Critical Revision Note: V1.3 (February 1, 2012): Corrected registry keys and installation switches in the deployment tables for Windows Server 2003 and Windows Server 2008, and installation switches in the deployment table for Windows Vista. This is an informational...

Severity Rating: Important Revision Note: V1.0 (March 13, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a system and...

Severity Rating: Important Revision Note: V1.0 (March 13, 2012): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Expression Design. The vulnerability could allow remote code execution if a user opens a legitimate...

Severity Rating: Important Revision Note: V1.0 (December 13, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all...

Severity Rating: Critical Revision Note: V1.0 (February 14, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted...

Resolves vulnerabilities in Microsoft Windows that could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the local user. More...

Resolves a vulnerability in Microsoft Windows that could allow security feature bypass if an attacker exploited it to circumvent the SafeSEH security feature. More...