information disclosure

Severity Rating: Important Revision Note: V1.0 (April 14, 2015): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Active Directory Federation Services (AD FS). The vulnerability could allow information disclosure if a user leaves their browser open...

Revision Note: V1.0 (October 14, 2014): Advisory published Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0, affecting the Windows operating system. This vulnerability affects the protocol itself and is not...

Revision Note: V1.0 (October 14, 2014): Advisory published Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0, affecting the Windows operating system. This vulnerability affects the protocol itself and is not...

Severity Rating: Important Revision Note: V1.0 (September 9, 2014): Bulletin published. Summary: This security update resolves three privately reported vulnerabilities in Microsoft Lync Server. The most severe of these vulnerabilities could allow information disclosure if user clicks on a...

Severity Rating: Important Revision Note: V1.0 (September 9, 2014): Bulletin published. Summary: This security update resolves three privately reported vulnerabilities in Microsoft Lync Server. The most severe of these vulnerabilities could allow information disclosure if user clicks on a...

Severity Rating: Revision Note: V1.0 (August 4, 2013): Advisory published. Summary: Microsoft is aware of a public report that describes a known weakness in the Wi-Fi authentication protocol known as PEAP-MS-CHAPv2 (Protected Extensible Authentication Protocol with Microsoft Challenge Handshake...

Severity Rating: Important Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft XML Core Services included in Microsoft Windows. The vulnerability could allow information disclosure if a user views a...

Original release date: November 13, 2013 | Last revised: November 16, 2013 Systems Affected Windows Operating System and Components Microsoft Office Internet Explorer Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address...

Severity Rating: Important Revision Note: V1.0 (November 12, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if an attacker logs on to an affected system as a local...

Severity Rating: Important Revision Note: V1.0 (November 12, 2013): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Outlook. The vulnerability could allow information disclosure if a user opens or previews a specially crafted email...

Severity Rating: Important Revision Note: V1.0 (October 8, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Silverlight. The vulnerability could allow information disclosure if an attacker hosts a website that contains a specially...

Severity Rating: Important Revision Note: V1.0 (October 8, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Silverlight. The vulnerability could allow information disclosure if an attacker hosts a website that contains a specially...

Original release date: September 10, 2013 Systems Affected Windows Operating System and Components Microsoft Server Software Microsoft Office Internet Explorer Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these...

Severity Rating: Important Revision Note: V1.1 (May 23, 2013): Revised bulletin to announce a detection change for the Microsoft Visio 2010 (2810068) update. This is a detection change only. There were no changes to the update files. Customers who have successfully installed the update do not...

Severity Rating: Important Revision Note: V1.1 (May 15, 2013): Corrected link to the download location in the Detection and Deployment Tools and Guidance section. This is an informational change only. Summary: This security update resolves a privately reported vulnerability in Windows Writer...

Severity Rating: Important Revision Note: V1.1 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2655992 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...

Severity Rating: Important Revision Note: V1.1 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2655992 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...

Severity Rating: Important Revision Note: V1.2 (June 18, 2013): Bulletin revised to announce a detection change in the security update for 2839229 to address the known issue documented in Microsoft Knowledge Base Article 2839229. This is a detection change only. Customers who have...

Original release date: June 17, 2013 | Last revised: June 18, 2013 Systems Affected Microsoft Windows Microsoft Internet Explorer Microsoft Office Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these...

Severity Rating: Important Revision Note: V1.0 (June 11, 2013): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Windows Kernel. The vulnerability could allow information disclosure if an attacker logs on to a system and...