7 matches found
Remote code execution
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs,...
Apache Log4j Remote Code Execution Vulnerability
Certain versions of Apache Log4j2 are vulnerable to a remote code execution vulnerability. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. Microsoft is not aware of any impact to th...
CVE-2021-42306
An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal which is not recommended. This vulnerability allows a user or service in the...
Information disclosure
An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential? on an Azure AD Application or Service Principal which is not recommended. This vulnerability allows a user or service in the...
Azure Active Directory Information Disclosure Vulnerability
An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal which is not recommended. This vulnerability allows a user or service in the...
Microsoft Readies Emergency IE Patch to Thwart Attacks
In the face of an uptick in hacker attacks targeting a zero-day flaw in its Internet Explorer browser, Microsoft has announced plans to ship an emergency IE patch tomorrow March 30, 2010. The out-of-band update comes exactly 21 days after Microsoft said it was aware of targeted attacks against...
Microsoft Re-Releases Security Bulletin MS10-015
Microsoft has re-released the security update described in Microsoft Security Bulletin MS10-015. This release contains an updated installation package that does not allow the security update to be installed on computers infected with malicious code. Microsoft has also released a Fix-It Tool to...