Original release date: May 12, 2020
Summary
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector...
The Windows 10 Creators Update adds out-of-process (OOP) COM and OLE support for apps on the Desktop Bridge – a.k.a Packaged COM. Historically, Win32 apps would create COM extensions that other applications could use. For example, Microsoft Excel exposes its Excel.Application object so...
app package
application
automation
client application
com
creators update
desktop bridge
examples
execution
extension
manifest
object model
ole
packaged com
registry
server
third-party
uwp
version
windows 10
Severity Rating: Important
Revision Note: V1.0 (July 14, 2015): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if used in conjunction with another vulnerability that allows arbitrary code to...
arbitrary code
bug fix
elevation of privilege
integrity level
july 2015
microsoft windows
ms15-075
ole
patch
security
severity rating
update
vulnerabilities
Original release date: November 14, 2014
Systems Affected
Microsoft Windows Vista, 7, 8, 8.1, RT, and RT 8.1
Microsoft Server 2003, Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2
Overview
A vulnerability in Microsoft Windows Object Linking and Embedding (OLE) could allow...
administrator
arbitrary code
cve-2014-6332
execution
exploit
impact
internet explorer
memory
mitigation
ole
privileged access
remote code
safearrayredim
security
server 2003
server 2008
update
vbscript
vulnerability
windows
Today, we released Security Advisory 3010060 to provide additional protections regarding limited, targeted attacks directed at Microsoft Windows customers. A cyberattacker could cause remote code execution if someone is tricked into opening a maliciously-crafted PowerPoint document that contains...
Revision Note: V1.0 (October 21, 2014): Advisory published.
Summary: Microsoft is aware of a vulnerability affecting all supported releases of Microsoft Windows, excluding Windows Server 2003. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft...
Severity Rating: Important
Revision Note: V1.0 (December 13, 2011): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all...
affected software
attacker
cve
exploit
important
microsoft
ms11-093
ole
patch
remote code execution
revision note
security bulletin
security update
technet
user rights
vulnerability
windows server 2003
windows xp
Severity Rating: Important
Revision Note: V1.0 (December 13, 2011): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all...
attack
bulletin
exploitation
important
microsoft
ole
patch
remote code execution
security update
software
system security
technical note
threat
user rights
vulnerability
windows 7
windows server
windows server 2008
windows vista
windows xp
Severity Rating: Important
Revision Note: V1.0 (December 13, 2011): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all...
administrative rights
affected software
attack
bulletin
december 2011
execution
exploit
important
ms11-093
ole
patch management
privately reported
remote code
security update
software security
user accounts
user rights
vulnerability
windows server
windows xp