Navigation section

microsoft windows

  1. News

    MS15-078 - Critical: Vulnerability in Microsoft Font Driver Could Allow Remote Code...

    Severity Rating: Critical Revision Note: V1.0 (July 20, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that...
    • News
    • Thread
    • critical microsoft windows ms15-078 opentype fonts patch remote code execution revision note security update vulnerability
    • Replies: 0
    • Forum: Security Alerts
  2. News

    MS15-074 - Important: Vulnerability in Windows Installer Service Could Allow Elevation of...

    Severity Rating: Important Revision Note: V1.0 (July 14, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if the Windows Installer service improperly runs custom action scripts. An...
    • News
    • Thread
    • administrative rights custom action scripts cybersecurity elevation of privilege microsoft windows ms15-074 patch management security update vulnerability windows installer
    • Replies: 0
    • Forum: Security Alerts
  3. News

    TA15-195A: Adobe Flash and Microsoft Windows Vulnerabilities

    Original release date: July 14, 2015 | Last revised: July 15, 2015 Systems Affected Microsoft Windows systems with Adobe Flash Player installed. Overview Used in conjunction, recently disclosed vulnerabilities in Adobe Flash and Microsoft Windows may allow a remote attacker to execute...
    • News
    • Thread
    • adobe flash attack surface reduction cve-2015-2387 cve-2015-5119 cve-2015-5122 cve-2015-5123 cybersecurity defense techniques exploit exploit mitigation internet security memory corruption microsoft windows patch management privilege escalation security system privileges update user awareness vulnerabilities
    • Replies: 0
    • Forum: Security Alerts
  4. News

    MS15-075 - Important: Vulnerabilities in OLE Could Allow Elevation of Privilege (3072633) -...

    Severity Rating: Important Revision Note: V1.0 (July 14, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if used in conjunction with another vulnerability that allows arbitrary code to...
    • News
    • Thread
    • arbitrary code bug fix elevation of privilege integrity level july 2015 microsoft windows ms15-075 ole patch security severity rating update vulnerabilities
    • Replies: 0
    • Forum: Security Alerts
  5. News

    MS15-071 - Important: Vulnerability in Netlogon Could Allow Elevation of Privilege...

    Severity Rating: Important Revision Note: V1.0 (July 14, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker who is logged on to a domain-joined system runs a specially crafted...
    • News
    • Thread
    • domain-joined elevation of privilege july 2015 microsoft windows ms15-071 netlogon network traffic security update severity rating vulnerability
    • Replies: 0
    • Forum: Security Alerts
  6. News

    July 2015 Security Updates

    Today we released security updates for Microsoft Windows, Microsoft Office, Microsoft SQL Server, and Internet Explorer. As a best practice, we encourage customers to apply security updates as soon as they are released. For more information about this month’s security updates and Link Removed...
    • News
    • Thread
    • best practices cybersecurity internet explorer it administration july 2015 microsoft office microsoft windows msrc patch management response center security updates software security sql server technet updates vulnerability
    • Replies: 0
    • Forum: Security Alerts
  7. News

    MS15-034 - Critical: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)...

    Severity Rating: Critical Revision Note: V1.0 (April 14, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows...
    • News
    • Thread
    • critical cybersecurity http.sys microsoft windows patch remote code execution revision note security update vulnerability
    • Replies: 0
    • Forum: Security Alerts
  8. News

    MS15-034 - Critical: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)...

    Severity Rating: Critical Revision Note: V1.0 (April 14, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows...
    • News
    • Thread
    • critical cybersecurity http.sys microsoft windows ms15-034 patch remote code execution security update vulnerability
    • Replies: 0
    • Forum: Security Alerts
  9. News

    March 2015 Updates

    Today, as part of Update Tuesday, we released 14 security bulletins to address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Exchange, and Internet Explorer. We encourage customers to apply all of these updates. For more information about this month’s security updates...
    • News
    • Thread
    • bulletins common vulnerabilities cve exploitability index internet explorer internet security march 2015 microsoft office microsoft windows msrc patch management security security advisory security features software updates tech news update tuesday updates vulnerabilities
    • Replies: 0
    • Forum: Security Alerts
  10. News

    MS15-027 - Important: Vulnerability in NETLOGON Could Allow Spoofing (3002657) - Version: 1.0

    Severity Rating: Important Revision Note: V1.0 (March 10, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow spoofing if an attacker who is logged on to a domain-joined system runs a specially crafted application...
    • News
    • Thread
    • cybersecurity domain microsoft windows netlogon network security spoofing threat update vulnerability
    • Replies: 0
    • Forum: Security Alerts
  11. News

    MS15-015 - Important: Vulnerability in Microsoft Windows Could Allow Elevation of Privilege...

    Severity Rating: Important Revision Note: V1.0 (February 10, 2015): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an authenticated attacker acquires administrator...
    • News
    • Thread
    • administrator application credentials elevation of privilege microsoft windows ms15-015 security update vulnerability
    • Replies: 0
    • Forum: Security Alerts
  12. News

    February 2015 Updates

    Today, as part of Update Tuesday, we released nine security bulletins – three rated Critical and six rated Important in severity, to address 56 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software. We...
    • News
    • Thread
    • advisory bulletins change critical cve exploitability index february 2015 important internet explorer microsoft office microsoft server microsoft windows msrc re-released remote code execution response center security ssl updates vulnerabilities
    • Replies: 0
    • Forum: Security Alerts
  13. News

    MS14-084 - Critical: Vulnerability in VBScript Scripting Engine Could Allow Remote Code...

    Severity Rating: Critical Revision Note: V1.0 (December 9, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in the VBScript scripting engine in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a specially...
    • News
    • Thread
    • administrative attacker control critical cybersecurity data management execution microsoft windows patch programs remote code security update user accounts user rights vbscript vulnerability
    • Replies: 0
    • Forum: Security Alerts
  14. News

    MS14-067 - Critical: Vulnerability in XML Core Services Could Allow Remote Code Execution...

    Severity Rating: Critical Revision Note: V1.0 (November 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a logged-on user visits a specially crafted website that...
    • News
    • Thread
    • attacker critical internet explorer microsoft windows remote code execution security update user awareness vulnerability xml core services
    • Replies: 0
    • Forum: Security Alerts
  15. News

    2982792 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 1.0

    Revision Note: V1.0 (July 10, 2014): Advisory published. Summary: Microsoft is aware of improperly issued SSL certificates that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The SSL certificates were improperly issued by the National...
    • News
    • Thread
    • certificate authorities cybersecurity digital certificates man-in-the-middle microsoft windows phishing security advisory spoofing ssl vulnerability
    • Replies: 0
    • Forum: Security Alerts
  16. News

    Vulnerability in TCP Protocol Could Allow Denial of Service - Version: 1.0

    Severity Rating: Important Revision Note: V1.0 (June 10, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends a sequence of specially crafted packets to the...
    • News
    • Thread
    • cyber security denial of service important microsoft windows network attack security update tcp protocol vulnerability
    • Replies: 0
    • Forum: Security Alerts
  17. News

    Vulnerability in TCP Protocol Could Allow Denial of Service - Version: 1.0

    Severity Rating: Important Revision Note: V1.0 (June 10, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends a sequence of specially crafted packets to the...
    • News
    • Thread
    • attack prevention bulletin denial of service malware defense microsoft windows network security security update severity rating tcp protocol vulnerability
    • Replies: 0
    • Forum: Security Alerts
  18. News

    Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege - Version: 1.0

    Severity Rating: Important Revision Note: V1.0 (May 13, 2014): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an authenticated attacker uses certain Active Directory Group...
    • News
    • Thread
    • active directory elevation of privilege group policy important microsoft windows patch security security bulletin update vulnerability
    • Replies: 0
    • Forum: Security Alerts
  19. News

    MS13-070 - Critical : Vulnerability in OLE Could Allow Remote Code Execution (2876217) -...

    Severity Rating: Critical Revision Note: V1.0 (September 10, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a file that contains a specially crafted OLE...
    • News
    • Thread
    • administrative rights critical severity exploit microsoft windows ms13-070 ole vulnerability remote code execution risk assessment security update user privileges
    • Replies: 0
    • Forum: Security Alerts
  20. News

    MS13-060 - Critical : Vulnerability in Unicode Scripts Processor Could Allow Remote Code...

    Severity Rating: Critical Revision Note: V1.0 (August 13, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in the Unicode Scripts Processor included in Microsoft Windows. The vulnerability could allow remote code execution if a user viewed a...
    • News
    • Thread
    • administrative rights application attack critical document embedded fonts execution exploitation microsoft windows ms13-060 opentype privately reported remote code security update system impact unicode user accounts user rights vulnerability webpage
    • Replies: 0
    • Forum: Security Alerts
Back
Top