Lucene search
K

13 matches found

ThreatPost
ThreatPost
added 2014/10/29 2:56 p.m.107 views

Microsoft Plans to Disable SSLv3 in IE, All Online Services

Microsoft is planning to disable support for the weak SSLv3 protocol in Internet Explorer at some undetermined point in the future, and also will remove support for it in the company’s online services soon. The security and utility of SSLv3 has been an issue for a long time, but it came into...

9.3CVSS1AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2013/11/05 2:7 p.m.64 views

Microsoft Warns of Targeted Attacks on Windows 0-Day

Microsoft is warning users about targeted attacks against a new vulnerability in several versions of Windows and Office that could allow an attacker to take over a user’s machine. The bug, which is not yet patched, is being used as part of targeted attacks with malicious email attachments, mainly...

9.3CVSS2.4AI score0.99945EPSS
Exploits33References2
The Hacker News
The Hacker News
added 2013/09/24 2:2 p.m.38 views

Internet Explorer zero-day exploit used watering hole attacks to target Japanese users

Attackers exploiting a zero-day vulnerability CVE-2013-3893 in Microsoft's Internet Explorer browser and served them on compromised popular Japanese news websites. According to FireEye, at least three major Japanese media websites were compromised in watering hole attacks, dubbed Operation...

9.3CVSS6.6AI score0.8593EPSS
Exploits18
The Hacker News
The Hacker News
added 2013/09/24 3:2 a.m.49 views

Internet Explorer zero-day exploit used watering hole attacks to target Japanese users

Attackers exploiting a zero-day vulnerability CVE-2013-3893 in Microsoft’s Internet Explorer browser and served them on compromised popular Japanese news websites. According to FireEye, at least three major Japanese media websites were compromised in watering hole attacks, dubbed Operation...

9.3CVSS0.5AI score0.8593EPSS
Exploits18
ThreatPost
ThreatPost
added 2013/09/23 1:57 p.m.37 views

IE Zero Day Used in Targeted Attacks Against Japanese Firms

Attackers exploiting a zero-day vulnerability in Microsoft’s Internet Explorer browser have compromised several popular local Japanese media outlets and have infected systems belonging to government, high tech and manufacturing organizations in Japan. Researchers at FireEye said the attacks appea...

9.3CVSS8.6AI score0.99945EPSS
Exploits51References8
ThreatPost
ThreatPost
added 2013/06/11 8:47 a.m.9 views

Microsoft FixIt Tool Blocks Java Attacks in IE

Java is a security headache, not just for users and Oracle, its provider, but also for other software companies that have to deal with it, as well. Microsoft has taken steps to address this problem by releasing a FixIt tool that is designed to block all of the Web-based Java attack vectors in...

1.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2012/06/14 2:25 p.m.122 views

Microsoft Issues FixIt For XML Flaw

With attackers already exploiting the MSXML zero-day vulnerability, which affects a wide range of products, Microsoft has issued a FixIt tool for the bug that it is encouraging users to install as they prepare a full patch for the flaw. The vulnerability is a critical one, and, because it’s prese...

9.3CVSS2.5AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2011/11/04 11:47 a.m.69 views

Microsoft Releases Workaround For Kernel Flaw Used By Duqu

Microsoft has released a workaround for the Windows kernel zero-day vulnerability exploited by the Duqu malware, and said that it is working on a permanent patch, but didn’t specify a timeline for its release. The vulnerability is a serious one that can lead to remote code execution on vulnerable...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2011/09/27 4:1 p.m.7 views

Microsoft Pushes FixIt Tool to Enable Support for Newer TLS Version

Microsoft has relased a security advisory about the TLS/SSL attack developed by Juliano Rizzo and Thai Duong and also has made a FixIt tool available to help server administrators switch on support for newer versions of the protocol that aren’t vulnerable to the attack. The Microsoft advisory lay...

1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2011/01/28 6:46 p.m.16 views

Microsoft Warns of MHTML Bug in Windows

Microsoft is warning its users about a dangerous flaw in the way that Windows handles certain MHTML operations, which could allow an attacker to run code on vulnerable machines. The bug affects all of the current versions of Windows, from XP up through Windows 7 and Windows Server 2008. Microsoft...

6.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2010/07/21 2:32 p.m.8 views

Microsoft Releases FixIt Tool for LNK Flaw

Microsoft has released a FixIt tool for the unpatched LNK Windows shell vulnerability and also has updated its guidance on how to deal with the flaw. The company also said it is continuing to work on developing a patch for the vulnerability. The FixIt tool that Microsoft published Tuesday mitigat...

0.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2009/11/24 2:39 p.m.55 views

Microsoft Acknowledges IE7 Flaw

Microsoft has acknowledged a new unpatched vulnerability in Internet Explorer 6 and 7, and said that the company is investigating methods for fixing the flaw. The company said that although there is public exploit code available for the vulnerability, it has not seen any evidence of ongoing attac...

9.3CVSS0.8AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2009/07/07 2:59 p.m.10 views

How to Protect Against the MSVidCtl Vulnerability

The ongoing exploitation of the vulnerability in an ActiveX control used by Internet Explorer has created a dangerous situation, as there is no patch yet for the MSVidCtl.dll vulnerability. However, there are several steps you can take to protect yourself against attacks. Microsoft has released a...

2.1AI score
Exploits0References4
Rows per page
Query Builder