436 matches found
MS15-110: Description of the security update for SharePoint Foundation 2013: October 13, 2015
Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Office file.SummaryThis security update resolves vulnerabilities in Sharepoint. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS15-110. Note To apply this...
MS15-046: Description of the security update for Word 2013: May 12, 2015
Describes an update that resolves vulnerabilities in Microsoft Office that could allow remote code execution when an Office file that is located in the same network directory as a specially crafted library file is opened.IntroductionThis update resolves vulnerabilities in Microsoft Office that...
MS13-003: Vulnerabilities in System Center Operations Manager could allow elevation of privilege: March 12, 2013
Resolves vulnerabilities in Microsoft System Center Operations Manager that could allow elevation of privilege if a user visits an affected website by way of a specially crafted URL.INTRODUCTIONMicrosoft has released security bulletin MS13-003. To view the complete security bulletin, visit the...
CVE-2019-0708: Windows RDP service worms level vulnerability alerts-a vulnerability alert-the black bar safety net
2019 5 May 14, Microsoft officially released security patches, repair the Windows Remote Desktop service remote code execution vulnerability, the vulnerability affects some older versions of Windows system. This vulnerability is pre-authentication and without user interaction, this means that thi...
Primary Stuxnet Advisory
OVERVIEW ICS-CERT has been actively investigating and reporting on the Stuxnet vulnerability. To date, ICS-CERT has released ICSA-10-201-01 - Malware Targeting Siemens Control Software including Updates B & C and ICSA-10-238-01 - Stuxnet Mitigations including Update B. Stuxnet uses four zero-day...
Adobe Reader zero-day discovered alongside Windows vulnerability
During the first half of 2018, we have witnessed some particularly interesting zero-day exploits, including one for Flash CVE-2018-4878 and more recently for Internet Explorer CVE-2018-8174. The former was quickly used by exploit kits such as Magnitude, while it is only a matter of time before we...
Microsoft's New Security Update Guides Get Mixed Reviews
Microsoft is receiving mixed reviews for its shift to delivering security update information via its newly launched Security Update Guides. The change was official in April, with Microsoft explaining it would allow system administrators to effectively pair specific patches with vulnerabilities, a...
MS15-132: Description of the security update for Windows: December 8, 2015
MS15-132: Description of the security update for Windows: December 8, 2015 Summary This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker accesses a local system and runs a specially crafted application. To learn mo...
MS15-132: Description of the security update for Windows: December 8, 2015
MS15-132: Description of the security update for Windows: December 8, 2015 Summary This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker accesses a local system and runs a specially crafted application. To learn mo...
MS15-100: Vulnerability in Windows Media Center could allow remote code execution: September 8, 2015
MS15-100: Vulnerability in Windows Media Center could allow remote code execution: September 8, 2015 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Center opens a specially crafted Media Center link...
MS15-122: Description of the security update for Windows Kerberos: November 10, 2015
MS15-122: Description of the security update for Windows Kerberos: November 10, 2015 Summary This security update resolves a security feature bypass in Windows. An attacker could bypass Kerberos authentication on a computer and decrypt drives that have BitLocker enabled. The bypass can be exploit...
MS14-057: Description of the security update for the .NET Framework 4.5, the .NET Framework 4.5.1, and the .NET Framework 4.5.2 for Windows 8, Windows RT, and Windows Server 2012: October 14, 2014
MS14-057: Description of the security update for the .NET Framework 4.5, the .NET Framework 4.5.1, and the .NET Framework 4.5.2 for Windows 8, Windows RT, and Windows Server 2012: October 14, 2014 View products that this article applies to. Introduction This security update resolves vulnerabiliti...
MS13-095: Vulnerability in XML digital signatures could allow denial of service: November 12, 2013
MS13-095: Vulnerability in XML digital signatures could allow denial of service: November 12, 2013 INTRODUCTION Microsoft has released security bulletin MS13-095. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...
MS16-035: Description of the security update for the .NET Framework 4.5.2 in Windows Server 2012: March 8, 2016
MS16-035: Description of the security update for the .NET Framework 4.5.2 in Windows Server 2012: March 8, 2016 October 11, 2016 This security update has been re-released to Windows Server Update Services WSUS channel because of an offering issue that may have affected some WSUS customers who had...
MS14-009: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: February 11, 2014
MS14-009: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: February 11, 2014 View products that this article applies to. Introduction This update resolves vulnerabilities that could allow elevation of privilege...
MS16-020: Security update for Active Directory Federation Services to address denial of service: February 9, 2016
MS16-020: Security update for Active Directory Federation Services to address denial of service: February 9, 2016 Summary This security update resolves a vulnerability in Active Directory Federation Services AD FS. The vulnerability could allow denial of service if an attacker sends certain input...
MS16-007: Description of the security update for Windows: January 12, 2016
MS16-007: Description of the security update for Windows: January 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially...
MS16-005: Description of the security update for Windows kernel-mode drivers: January 12, 2016
MS16-005: Description of the security update for Windows kernel-mode drivers: January 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user visits a malicious website. To learn more...
MS11-022: Description of the security update for PowerPoint Viewer 2010: April 12, 2011
MS11-022: Description of the security update for PowerPoint Viewer 2010: April 12, 2011 Microsoft has released security bulletin MS11-022. To view the complete security bulletin, visit one of the following Microsoft websites: Home...
MS16-114: Description of the security update for Windows SMBv1 Server: September 13, 2016
MS16-114: Description of the security update for Windows SMBv1 Server: September 13, 2016 Summary This security update resolves a vulnerability in Microsoft Windows. On Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 operating systems, the vulnerability could allow remot...