exploitation

Severity Rating: Important Revision Note: V1.0 (April 10, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Office and Microsoft Works. The vulnerability could allow remote code execution if a user opens a...

Severity Rating: Critical Revision Note: V1.0 (April 10, 2012): Bulletin published. Summary: This security update resolves a privately disclosed vulnerability in Windows common controls. The vulnerability could allow remote code execution if a user visits a website...

Severity Rating: Critical Revision Note: V1.3 (February 1, 2012): Corrected registry keys and installation switches in the deployment tables for Windows Server 2003 and Windows Server 2008, and installation switches in the deployment table for Windows Vista. This is an informational...

Severity Rating: Important Revision Note: V1.0 (March 13, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a system and...

Severity Rating: Important Revision Note: V1.0 (March 13, 2012): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Expression Design. The vulnerability could allow remote code execution if a user opens a legitimate...

Severity Rating: Important Revision Note: V1.0 (December 13, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all...

Severity Rating: Critical Revision Note: V1.0 (February 14, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted...

Resolves vulnerabilities in Microsoft Windows that could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the local user. More...

Resolves a vulnerability in Microsoft Windows that could allow security feature bypass if an attacker exploited it to circumvent the SafeSEH security feature. More...

Severity Rating: Important Revision Note: V1.0 (January 10, 2012): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker successfully...

Severity Rating: Important Revision Note: V1.0 (December 13, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted...

Severity Rating: Important Revision Note: V1.0 (December 13, 2011): Bulletin published. Summary: This security update resolves four privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens a...

Revision Note: V1.3 (November 8, 2011): Added link to MAPP Partners with Updated Protections in the Executive Summary. Revised impact statement for the workaround, Deny access to T2EMBED.DLL, to address a reoffer issue on Windows XP and Windows Server 2003. Also, revised the mitigating factors...

Revision Note: V1.0 (November 3, 2011): Advisory published. Summary: Microsoft is investigating a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode...

Hello. Today we released Security Advisory 2588513, addressing an information-disclosure issue in SSL (Secure Sockets Layer) 3.0 and TLS (Transport Layer Security) 1.0 to provide guidance for customers. This is an industry-wide issue with limited impact that affects the Internet ecosystem as a...

Severity Rating: Important Revision Note: V1.0 (September 13, 2011): Bulletin published. Summary: This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially...

Severity Rating: Important Revision Note: V4.1 (April 20, 2011): Corrected registry key verification for Microsoft .NET Framework 3.5 Service Pack 1 when installed on Windows XP and Windows Server 2003. Summary: This security update resolves a publicly disclosed...

Severity Rating: Critical Revision Note: V2.0 (May 16, 2011): Bulletin rereleased to reoffer the update for Internet Explorer 7 on supported editions of Windows XP and Windows Server 2003. This is a detection change only. There were no changes to the binaries. Only affected customers...

Severity Rating: Important Revision Note: V1.2 (June 14, 2011): Announced that the updates for Microsoft Office for Mac, which were not available when the bulletin was originally published, are now available in bulletin MS11-045. Also, for both vulnerabilities addressed by this...

Severity Rating: Important Revision Note: V1.0 (July 12, 2011): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Visio. The vulnerability could allow remote code execution if a user opens a legitimate Visio file that...