Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection

Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection Title: Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection Date: 2018-09-08 Author: John Page aka hyp3rlinx Vendor: Microsoft Software link: https://www.microsoft.com/en-us/download/details.aspx?id=7558...

MS10-024: Description of the security update for Windows SMTP Service: April 13, 2010 and July 13, 2010

MS10-024: Description of the security update for Windows SMTP Service: April 13, 2010 and July 13, 2010 INTRODUCTION Microsoft has released security bulletin MS10-024. To view the complete security bulletin, visit one of the following Microsoft Web sites: Home users:...

MS16-154: Security update for Adobe Flash Player: December 13, 2016

MS16-154: Security update for Adobe Flash Player: December 13, 2016 Summary This security update resolves vulnerabilities in Adobe Flash Player if it is installed on any supported edition of Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows 10, Windows 10 Version 1511,...

MBSA 2.3 and the November 2013 Security Bulletin Webcast, Q&A, and Slide Deck

Today we’re publishing the November 2013 Security Bulletin Webcast Questions & Answers page. The majority of questions focused on the ActiveX Kill Bits bulletin MS13-090 and the advisories. We also answered a few general questions that were not specific to any of this month’s updates, but that ma...

Microsoft Security Bulletin MS07-028 Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)

Microsoft Security Bulletin MS07-028 Vulnerability in CAPICOM Could Allow Remote Code Execution 931906 Published: May 8, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use CAPICOM or BizTalk 2004 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

Microsoft Security Bulletin MS07-019 Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)

Microsoft Security Bulletin MS07-019 Vulnerability in Universal Plug and Play Could Allow Remote Code Execution 931261 Published: April 10, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity...

Microsoft Security Bulletin MS07-020 Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)

Microsoft Security Bulletin MS07-020 Vulnerability in Microsoft Agent Could Allow Remote Code Execution 932168 Published: April 10, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

Microsoft Security Bulletin MS06-054 Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729)

Microsoft Security Bulletin MS06-054 Vulnerability in Microsoft Publisher Could Allow Remote Code Execution 910729 Published: September 12, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Publisher Impact of Vulnerability: Remote Code Execution Maximum Severit...

Microsoft Security Bulletin MS06-026 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547)

Microsoft Security Bulletin MS06-026 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution 918547 Published: June 13, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Critical Maximum Severity Rating: Remo...

CVE-2002-1762

MBSA 1.0 stores security scans in plaintext at C:\Documents and Settings\username\SecurityScans, potentially exposing sensitive system information to users able to run malicious ActiveX/Java content. The provided sources confirm the exact location and plaintext storage, with no additional exploit...

Microsoft Security Bulletin MS05-028 Vulnerability in Web Client Service Could Allow Remote Code Execution (896426)

Microsoft Security Bulletin MS05-028 Vulnerability in Web Client Service Could Allow Remote Code Execution 896426 Issued: June 14, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

CVE-2004-2091

The vulnerability entry CVE-2004-2091 concerns Microsoft Baseline Security Analyzer (MBSA) 1.2. Affected context: MBSA 1.2 may not correctly identify systems that have been patched but remain exploitable until a reboot, potentially giving administrators a false sense of security. Impact is descri...