risk assessment

Severity Rating: Important Revision Note: V1.0 (November 8, 2016): Bulletin published. Summary: The Windows Virtual Hard Disk Driver improperly handles user access to certain files. An attacker can manipulate files in locations not intended to be available to the user by exploiting this...

Severity Rating: Critical Revision Note: V1.0 (September 8, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file...

Severity Rating: Critical Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An...

Severity Rating: Important Revision Note: V1.0 (July 14, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if the Windows graphics component fails to properly process bitmap conversions. An...

Original release date: October 17, 2014 Systems Affected All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this...

Revision Note: V1.0 (October 14, 2014): Advisory published Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0, affecting the Windows operating system. This vulnerability affects the protocol itself and is not...

HP is warning customers: Check your laptop charging cord to see if it's at risk of overheating. Hewlett-Packard (HPQ, Tech30) and federal regulators on Tuesday recalled 6 million power cords sold between September 2010 and June 2012 with some HP and Compaq notebook computers, as well as certain...

Any risk in losing anything by running both an internal and external disk check via this method? Thanks

As security professionals, we are trained to think in worst-case scenarios. We run through the land of the theoretical, chasing “what if” scenarios as though they are lightning bugs to be gathered and stashed in a glass jar. Most of time, this type of thinking is absolutely the correct thing...

Today we provide advance notification for the release of seven Bulletins, two rated Critical and five rated Important in severity. These Updates are for Microsoft Word, Microsoft Office and Internet Explorer. The Update for Internet Explorer addresses Link Removed, which we have not seen used in...

Today, we’re providing advance notification for the release of eight bulletins, three Critical and five Important, for November 2013. The Critical updates address vulnerabilities in Internet Explorer and Microsoft Windows, and the Important updates address issues in Windows and Office. While...

Severity Rating: Critical Revision Note: V1.0 (September 10, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a file that contains a specially crafted OLE...

Severity Rating: Important Revision Note: V1.0 (May 14, 2013): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted file or previews a specially...

Today we’re providing Advance Notification of five bulletins for release on Tuesday, June 11, 2013. This release brings one Critical- and four Important-class bulletins. The Critical-rated bulletin addresses issues in Internet Explorer, and the Important-rated bulletins address issues in...

In celebration of spring’s onset, today we’re providing advance notification for the April 2013 release of nine bulletins; two Critical and seven Important. The Critical bulletins address vulnerabilities in Microsoft Windows and Internet Explorer, and the seven Important-rated...

Today we’re providing advance notification for the release of seven bulletins, four Critical and three Important, for March 2013. The Critical bulletins address vulnerabilities in Microsoft Silverlight, Internet Explorer, Office and Microsoft Server Software. The three Important-rated...

We’re kicking off the February 2013 Security Bulletin Release with Advance Notification of 12 bulletins for release Tuesday, February 12. This release brings five Critical and seven Important-class bulletins, which address 57 unique vulnerabilities. The Critical-rated bulletins address...

On behalf of all of us here at Microsoft, I’d like to wish everyone a very happy New Year! With 2013 starting on a Tuesday, our monthly bulletin release is upon us a bit earlier than usual. Next Tuesday we’ll release seven bulletins; two Critical and five Important, which address...

Severity Rating: Important Revision Note: V1.0 (November 13, 2012): Bulletin published. Summary: This security update resolves four privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially...

As previously mentioned in the Advance Notification blog on Thursday, today we’re releasing seven bulletins, one Critical-class and six Important-class bulletins. Before we discuss those releases, let’s take a closer look at the Security Advisories we also released today. Security...