Severity Rating: Important
Revision Note: V1.0 (January 10, 2012): Bulletin published.
Summary: This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker successfully...
Severity Rating: Important
Revision Note: V1.0 (December 13, 2011): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted...
Severity Rating: Important
Revision Note: V1.0 (December 13, 2011): Bulletin published.
Summary: This security update resolves four privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens a...
Revision Note: V1.3 (November 8, 2011): Added link to MAPP Partners with Updated Protections in the Executive Summary. Revised impact statement for the workaround, Deny access to T2EMBED.DLL, to address a reoffer issue on Windows XP and Windows Server 2003. Also, revised the mitigating factors...
access
advisory
attacks
elevation
exploitation
font
impact
kernel
malware
mapp
microsoft
parsing
programs
protection
security
truetype
vulnerability
windows server
windows xp
workaround
Revision Note: V1.0 (November 3, 2011): Advisory published.
Summary: Microsoft is investigating a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode...
advisory
arbitrary
attack
code
customer
data
elevation
exploitation
font
impact
kernel
malware
microsoft
revision
security
targeted
truetype
vulnerability
win32k
windows
Hello. Today we released Security Advisory 2588513, addressing an information-disclosure issue in SSL (Secure Sockets Layer) 3.0 and TLS (Transport Layer Security) 1.0 to provide guidance for customers. This is an industry-wide issue with limited impact that affects the Internet ecosystem as a...
Severity Rating: Important
Revision Note: V1.0 (September 13, 2011): Bulletin published.
Summary: This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially...
Severity Rating: Important
Revision Note: V4.1 (April 20, 2011): Corrected registry key verification for Microsoft .NET Framework 3.5 Service Pack 1 when installed on Windows XP and Windows Server 2003.
Summary: This security update resolves a publicly disclosed...
asp.net
data tampering
encryption
exploitation
framework
information disclosure
microsoft
patch
public disclosure
registry key
security
service pack
update
vulnerability
windows server
windows xp
Severity Rating: Critical
Revision Note: V2.0 (May 16, 2011): Bulletin rereleased to reoffer the update for Internet Explorer 7 on supported editions of Windows XP and Windows Server 2003. This is a detection change only. There were no changes to the binaries. Only affected customers...
binaries
critical
cumulative
customer action
detection change
exploitation
ie7
ie8
internet explorer
moderate
remote code execution
revision
security
technical note
update
user rights
vulnerabilities
web page
windows server
windows xp
Severity Rating: Important
Revision Note: V1.2 (June 14, 2011): Announced that the updates for Microsoft Office for Mac, which were not available when the bulletin was originally published, are now available in bulletin MS11-045. Also, for both vulnerabilities addressed by this...
attack vector
bulletin
cve-2011-1269
cve-2011-1270
exploitation
important
mac office
malware
microsoft
microsoft office
office file validation
patch
powerpoint
registry
remote code execution
security
update
user rights
vulnerabilities
workaround
Severity Rating: Important
Revision Note: V1.0 (July 12, 2011): Bulletin published.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Visio. The vulnerability could allow remote code execution if a user opens a legitimate Visio file that...
Bulletin Severity Rating:Critical - This security update resolves five privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet...
administrative rights
critical rating
cumulative update
exploitation
internet explorer
remote code execution
security update
user rights
vulnerabilities
web page
Severity Rating: Important - Revision Note: V1.0 (July 12, 2011): Bulletin published.Summary: This security update resolves 15 privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and...
Resolves a vulnerability in the Windows Bluetooth Stack that could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system.
More...
attack
bluetooth
bluetooth stack
exploitation
fix
impact
july 2011
microsoft
ms11-053
networking
patch
remote code execution
resolves
safety
security
system
update
vulnerability
windows
Hackers are aggressively exploiting a just-patched Flash vulnerability, serving attack code "on a fairly large scale" from compromised sites as well as from their own malicious domains, a security researcher said June 17.
Attacks show up in Korea, Taiwan, and India.
They're also attacking...
Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that...
application security
asp.net
client system
code access security
critical
exploitation
iis
microsoft
net framework
remote code execution
security
server security
silverlight
update
user rights
vulnerability
web browser
web hosting
xaml
xbaps
Bulletin Severity Rating:Important - This security update resolves two privately reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited either of these...