exploitation

  1. TA13-015A: Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792

    Original release date: January 15, 2013 | Last revised: February 06, 2013 Systems Affected Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Overview Microsoft has released Security Bulletin MS13-008 to address the CButton...
    • News
    • Thread
    • access denied bulletin cbutton cve-2012-4792 cybersecurity denial of service exploitation internet explorer microsoft patch patch management remote access revision security software systems affected update us-cert use-after-free vulnerability
    • Replies: 0
    • Forum: Security Alerts

  2. Microsoft Security Advisory (2794220): Vulnerability in Internet Explorer Could Allow Remote Code Ex

    Revision Note: V1.1 (December 31, 2012): Added link to Microsoft Fix it solution, "MSHTML Shim Workaround," that prevents exploitation of this issue. Summary: Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer...
    • News
    • Thread
    • advisory attack exploitation fix internet explorer microsoft remote code execution security vulnerability workaround
    • Replies: 0
    • Forum: Security Alerts

  3. MS12-081 - Critical : Vulnerability in Windows File Handling Component Could Allow Remote Code Execu

    Severity Rating: Critical Revision Note: V1.0 (December 11, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user browses to a folder that...
    • News
    • Thread
    • critical exploitation microsoft ms12-081 remote code execution security update user rights vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  4. MS12-065 - Important : Vulnerability in Microsoft Works Could Allow Remote Code Execution (2754670)

    Severity Rating: Important Revision Note: V1.0 (October 9, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Works. The vulnerability could allow remote code execution if a user opens a specially crafted...
    • News
    • Thread
    • bulletin exploitation extended security updates important microsoft microsoft works remote code execution user rights vulnerability
    • Replies: 0
    • Forum: Security Alerts

  5. MS12-070 - Important : Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849) - Ve

    Severity Rating: Important Revision Note: V1.0 (October 9, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft SQL Server on systems running SQL Server Reporting Services (SSRS). The vulnerability is a...
    • News
    • Thread
    • bulletin exploitation microsoft privileged access security sql server ssrs update vulnerability xss
    • Replies: 0
    • Forum: Security Alerts

  6. Microsoft releases MS12-063 – Cumulative Security Update for Internet Explorer

    Today we released Security Update MS12-063 to address limited attacks against a small number of computers through a vulnerability in Internet Explorer versions 9 and earlier. The majority of customers have automatic updates enabled and will not need to take any action because protections will be...
    • News
    • Thread
    • advisory automatic computer cumulative exploitation internet explorer manual update microsoft ms12-063 security trustworthy computing update vulnerability webcast
    • Replies: 0
    • Forum: Security Alerts

  7. MS12-052 - Critical : Cumulative Security Update for Internet Explorer (2722913) - Version: 1.1

    Severity Rating: Critical Revision Note: V1.1 (August 15, 2012): Removed erroneous FAQ for Windows 8 Release Preview and Windows Server 2012 Release Candidate releases. The Windows 8 Release Preview and Windows Server 2012 Release Candidate releases are not affected by the...
    • News
    • Thread
    • attacker august 2012 bulletin critical cumulative exploitation internet explorer ms12-052 privately reported release preview remote code execution security update user rights vulnerabilities webpage windows 8 windows server
    • Replies: 0
    • Forum: Security Alerts

  8. MS12-051 - Important : Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege

    Severity Rating: Important Revision Note: V1.0 (July 10, 2012): Bulletin published. Summary: This security update resolves one publicly disclosed vulnerability in Microsoft Office for Mac. The vulnerability could allow elevation of privilege if a malicious executable is...
    • News
    • Thread
    • elevation exploitation important mac malicious software microsoft office security update vulnerability
    • Replies: 0
    • Forum: Security Alerts

  9. MS12-042 - Important : Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2711167

    Severity Rating: Important Revision Note: V1.0 (June 12, 2012): Bulletin published. Summary: This security update resolves one privately reported vulnerability and one publicly disclosed vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of...
    • News
    • Thread
    • anonymous attack bulletin crafted application elevation exploitation important kernel local logon microsoft ms12-045 privately disclosed privilege remote attack report security severity rating update vulnerabilities windows
    • Replies: 0
    • Forum: Security Alerts

  10. MS12-041: Vulnerabilities in Windows Kernel-Mode Drivers could allow elevation of privilege: June 12

    Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit any of these... More...
    • News
    • Thread
    • 2012 application drivers elevation exploitation june kernel-mode logon management microsoft patch privilege security support update vulnerabilities windows
    • Replies: 0
    • Forum: Knowledge Base (KB)

  11. MS12-038 - Critical : Vulnerability in .NET Framework Could Allow Remote Code Execution (2706726) -

    Severity Rating: Critical Revision Note: V1.0 (June 12): Bulletin published. Summary: This security update resolves one privately reported vulnerability in the Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a...
    • News
    • Thread
    • ad content browser bulletin code security compromised websites critical email links exploitation extended security updates messenger microsoft net framework privately reported remote code execution severity rating user content user rights vulnerability web attack xaml
    • Replies: 0
    • Forum: Security Alerts

  12. MS10-070: Description of the security update for the Microsoft .NET Framework 3.5.1 in Windows 7 Ser

    Resolves a vulnerability in ASP.NET that could allow information disclosure. An attacker that successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. Link Removed
    • News
    • Thread
    • asp.net data encryption exploitation framework information information disclosure microsoft security update vulnerability windows 7
    • Replies: 0
    • Forum: Knowledge Base (KB)

  13. MS10-070: Description of the security update for the Microsoft .NET Framework 3.5.1 in Windows 7 and

    Resolves a vulnerability in ASP.NET that could allow information disclosure. An attacker that successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. Link Removed
    • News
    • Thread
    • asp.net data security exploitation framework information disclosure microsoft security update vulnerability windows 7
    • Replies: 0
    • Forum: Knowledge Base (KB)

  14. MS11-015: Vulnerability in Microsoft DirectShow could allow remote code execution: March 8, 2011

    Resolves vulnerabilities in Windows Media Player and Windows Media Center that could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. More...
    • News
    • Thread
    • directshow dvr exploitation extended security updates media center media player microsoft remote code execution vulnerability
    • Replies: 0
    • Forum: Knowledge Base (KB)

  15. MS10-016: Vulnerability in Windows Movie Maker could allow remote code execution

    Resolves a vulnerability in Windows Movie Maker and Microsoft Office Producer for Microsoft Office PowerPoint 2003 that could allow remote code execution if an attacker sent a specially crafted Movie Maker or Producer file. More...
    • News
    • Thread
    • attack exploitation kb975561 malware microsoft office movie maker powerpoint remote code execution security patch vulnerability
    • Replies: 0
    • Forum: Knowledge Base (KB)

  16. MS12-032: Vulnerability in TCP/IP could allow elevation of privilege: May 8, 2012

    Resolves vulnerabilities in Microsoft Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. More...
    • News
    • Thread
    • application attacker elevate exploitation microsoft ms12-063 patch privilege resolve risk security support tcp/ip update vulnerability windows
    • Replies: 0
    • Forum: Knowledge Base (KB)

  17. MS12-030 - Important : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (266383

    Severity Rating: Important Revision Note: V1.0 (May 8, 2012): Bulletin published. Summary: This security update resolves one publicly disclosed and five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user...
    • News
    • Thread
    • bulletin exploitation microsoft office patch remote code execution security update user rights vulnerabilities
    • Replies: 0
    • Forum: Security Alerts
  18. A

    Windows 7 Microsoft Kills Hotmail Hijack Threat

    It took Redmond 1 day to kill a threat that allowed users with a Firefox add-on (Tamper Data) to remotely reset the password of a Hotmail account and allowing them to access the outgoing HTTP request, then modify the data. Microsoft was notified April 20, 2012, applied the fix April 21...
    • Adamsappleone
    • Thread
    • access denied cybersecurity data manipulation exploitation firefox fix hacking hotmail microsoft password protection remote access security tampering threats token security update vulnerability web security
    • Replies: 1
    • Forum: Windows Security

  19. MS10-055: Vulnerability in Cinepak codec could allow remote code execution

    Resolves a vulnerability in the Cinepak Codec that allow remote code execution if a user opens a specially crafted media file or receive specially crafted streaming content from a Web site or any application that delivers Web content. More...
    • News
    • Thread
    • cinepak codec exploitation extended security updates media files microsoft patch remote code execution vulnerability web content
    • Replies: 0
    • Forum: Knowledge Base (KB)

  20. MS12-028 - Important : Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)

    Severity Rating: Important Revision Note: V1.0 (April 10, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Office and Microsoft Works. The vulnerability could allow remote code execution if a user opens a...
    • News
    • Thread
    • admin rights april 2012 exploitation extended security updates microsoft office ms12-028 remote code execution user rights vulnerability work files
    • Replies: 0
    • Forum: Security Alerts