security patch

  1. MS10-070: Vulnerability in ASP.NET could allow information disclosure

    Resolves a vulnerability in ASP.NET that could allow information disclosure. An attacker that successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. More...
  2. MS11-013: Vulnerabilities in Kerberos could allow elevation of privilege

    Resolves a vulnerability that could allow for the elevation of privilege on a computer that is running Windows XP, Windows Server 2003, Windows 7 or Windows Server 2008 R2. More...
  3. MS10-016: Vulnerability in Windows Movie Maker could allow remote code execution

    Resolves a vulnerability in Windows Movie Maker and Microsoft Office Producer for Microsoft Office PowerPoint 2003 that could allow remote code execution if an attacker sent a specially crafted Movie Maker or Producer file. More...
  4. MS10-092: Vulnerability in Task Scheduler could allow for elevation of privilege

    Resolves vulnerabilities in Windows Task Scheduler that could allow elevation of privilege if an attacker logged on to an affected system and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on... More...
  5. MS11-076: Vulnerability in Windows Media Center could allow remote code execution: October 11, 2011

    Resolves a vulnerability in Windows Media Center that could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (DLL) file. More...
  6. MS10-020: Vulnerabilities in SMB client could allow remote code execution

    Resolves vulnerabilities in Microsoft Windows that could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. More...
  7. Windows 7 What to make of the hacker who broke IE8 in two minutes

    Link Removed Some of you might have seen today's story by Gregg Keizer of our sister publication Computerworld headlined "Link Removed due to 404 Error" and may have asked the same question I asked. Two minutes? Dutch hacker Peter Vreugdenhil broke into the current edition of the Web browser...
  8. T

    Windows 7 Flip a coin and decide

    FixShell.exe file released by Prevx yesterday shows nothing obviously malicious. It contains a valid XML manifest, and a code certificate backed by VeriSign. And in fact, on our test system with Sophos anti-malware installed, not only did the file not appear to run any process of its own on...
  9. Windows 7 RTM Blocks Access for Standard Users in Safe Mode HotfixAvailable from Micr

    Link Removed - Invalid URL Microsoft is providing the necessary resources to help lock users with standard privileges accounts from accessing Link Removed - Invalid URL while the operating system is in Safe Mode. According to the Redmond company, all that system administrators need do is...