exploitation

  1. MS11-036 - Important: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (254

    Severity Rating: Important - Revision Note: V1.0 (May 10, 2011): Bulletin published.Summary: This security update resolves two privately reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An...
  2. Unpatched DLL bugs let hackers exploit Windows 7 and IE9, says researcher

    Although Microsoft has patched multiple DLL load hijacking vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) can still be exploited, a security company warned today. Link Removed due to 404 Error
  3. MS11-022 - Important: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (248

    Severity Rating: Important - Revision Note: V1.0 (April 12, 2011): Bulletin published.Summary: This security update resolves three privately reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint...
  4. MS11-019 - Critical: Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)

    Bulletin Severity Rating:Critical - This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated...
  5. Pwn2Own 2011: IE8 on Windows 7 hijacked with 3 vulnerabilities

    Using three different vulnerabilities and clever exploitation techniques, Irish security researcher Stephen Fewer successfully hacked into a 64-bit Windows 7 (SP1) running Internet Explorer 8 to win this year’s CanSecWest hacker challenge. More...
  6. Microsoft Security Advisory (2491888): Vulnerability in Microsoft Malware Protection Engine Could Al

    Revision Note: V1.0 (February 23, 2011): Advisory published. Advisory Summary:Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update...
  7. MS11-006 - Critical: Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Exec

    Bulletin Severity Rating:Critical - This security update resolves a publicly disclosed vulnerability in the Windows Shell graphics processor. The vulnerability could allow remote code execution if a user views a specially crafted thumbnail image. An attacker who successfully exploited this...
  8. MS11-008 - Important: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)

    Bulletin Severity Rating:Important - This security update resolves two privately reported vulnerabilities in Microsoft Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited either of these...
  9. Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote

    Revision Note: V1.2 (January 19, 2011): Clarified that the Modify the Access Control List (ACL) on shimgvw.dll workaround only applies to Windows XP and Windows Server 2003 systems and added a new workaround, Disable viewing of thumbnails in Windows Explorer on Windows Vista and Windows Server...
  10. Microsoft Security Advisory (2501696): Vulnerability in MHTML Could Allow Information Disclosure

    Revision Note: V1.0 (January 28, 2011): Advisory published.Summary: Microsoft is investigating new public reports of a vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web...
  11. Microsoft Security Advisory (2501696): Vulnerability in MHTML Could Allow Information Disclosure - 1

    Revision Note: V1.0 (January 28, 2011): Advisory published. Advisory Summary:Microsoft is investigating new public reports of a vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various...
  12. Microsoft Security Advisory (2488013): Vulnerability in Internet Explorer Could Allow Remote Code Ex

    Revision Note: V1.2 (January 11, 2011): Added the workaround, Prevent the recursive loading of CSS style sheets in Internet Explorer, and revised Executive Summary to reflect investigation of limited attacks. Summary: Microsoft is investigating new, public reports of targeted attacks attempting...
  13. MS11-002 - Critical: Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Exe

    Bulletin Severity Rating:Critical - This security update resolves two privately reported vulnerabilities in Microsoft Data Access Components. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page. An attacker who successfully exploited this...
  14. MS10-098 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privil

    Severity Rating: Important - Revision Note: V1.0 (December 14, 2010): Bulletin publishedSummary: This security update resolves one publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an...
  15. MS10-103 - Important: Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292

    Severity Rating: Important - Revision Note: V1.0 (December 14, 2010): Bulletin published.Summary: This security update resolves five privately reported vulnerabilities in Microsoft Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker...
  16. MS10-103 - Important: Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292

    Bulletin Severity Rating:Important - This security update resolves five privately reported vulnerabilities in Microsoft Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited any of these vulnerabilities could...
  17. MS10-075 - Critical: Vulnerability in Media Player Network Sharing Service Could Allow Remote Code E

    Severity Rating: Critical - Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in the Microsoft Windows Media Player Network Sharing Service. The vulnerability could allow remote code execution if an attacker sent...
  18. MS10-079 - Important: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)

    Severity Rating: Important - Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves eleven privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Word file. An...
  19. MS10-080 - Important: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)

    Severity Rating: Important - Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves thirteen privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file or...
  20. Update to Security Advisory 2416728

    Hi everyone - We've just updated Link Removed due to 404 Error as we've begun to see limited attacks with the ASP.NET vulnerability. We have added questions and answers and encourage customers to review this information and evaluate it for their environment. We have also added additional...