MS13-073: Vulnerabilities in Microsoft Excel could allow remote code execution: September 10, 2013

This security update addresses the vulnerabilities by correcting how Microsoft Excel and other affected Microsoft software validates data when parsing specially crafted Office files and by correcting how the XML parser used by Excel resolves external entities within a specially crafted...

MS13-067: Description of the security update for Excel Web App: September 10, 2013

Resolves vulnerabilities in Microsoft Office server software that could allow remote code execution in the context of the W3wp.exe process service account.IntroductionThis security update resolves vulnerabilities in Microsoft Office server software that could allow remote code execution in the...

MS13-067: Description of the security update for SharePoint Server 2013 (coreserverloc): September 10, 2013

Resolves vulnerabilities in Microsoft Office Server software which could allow remote code execution in the context of the W3WP service account.IntroductionThis security update resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of th...

MS13-077: Vulnerability in Windows Service Control Manager could allow elevation of privilege: September 10, 2013

Resolves a vulnerability in Windows Service Control Manager that could allow elevation of privilege if an authenticated user is convinced to execute a specially crafted application.INTRODUCTIONMicrosoft has released security bulletin MS13-077. To view the complete security bulletin, go to one of...

MS13-069: Cumulative security update for Internet Explorer: September 10, 2013

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.The update that this article describes has been replaced by a newer update. We recommend that you install the most current cumulative securit...

MS13-073: Description of the security update for Microsoft Excel 2013: September 10, 2013

This security update addresses the vulnerabilities by correcting how Microsoft Excel and other affected Microsoft software validates data when parsing specially crafted Office files and by correcting the manner in which the XML parser used by Excel resolves external entities within a specially...

MS13-067: Description of the security update for SharePoint Foundation 2013: September 10, 2013

Resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the W3WP service account.IntroductionThis security update resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the...

MS13-067: Description of the security update for Word Automation Services in SharePoint Server 2010: September 10, 2013

Resolves vulnerabilities in Microsoft Office Server software which could allow remote code execution in the context of the W3WP service account.View products that this article applies to.IntroductionThis security update resolves vulnerabilities in Microsoft Office Server software that could allow...

MS13-068: Vulnerability in Microsoft Outlook could allow remote code execution: September 10, 2013

Resolves a security vulnerability that could allow remote code execution if a user opens or previews a specially crafted email message.IntroductionThis update resolves a security vulnerability that could allow remote code execution if a user opens or previews a specially crafted email...

MS13-067: Description of the security update for Office Web Apps Server 2013: September 10, 2013

Resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the W3WP service account.IntroductionThis security update resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the...

Description of the update package for Lync Server 2010, Web Components Server: April 2011

Describes the bugs that are resolved in the April, 2011 cumulative update package for Lync Server 2010, Web Components Server.SummaryThis article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Web Components Server that is dated April 2011.This article...

Description of the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime: April 2011

Describes the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime that is dated April 2011.SummaryThis article describes the Microsoft Lync Server 2010, Unified Communications Managed API 3.0 Runtime issue that is fixed in the cumulative update for Lync Server...

Description of the cumulative update for Lync Server 2010: July 2011

Describes the bug that is resolved in the July, 2011 cumulative update package for Lync Server 2010.SummaryThis article describes the cumulative update for Microsoft Lync Server 2010 that is dated July, 2011. INTRODUCTIONIssues that this update package fixesThis cumulative update fixes the...

Description of the cumulative update for Lync Server 2010, Web Conferencing Server: July 2011

Describes the cumulative update for Lync Server 2010, Web Conferencing Server that is dated July 2011.SummaryThis article describes the cumulative update for Microsoft Lync Server 2010, Web Conferencing Server that is dated July 2011. ResolutionUpdate package informationMicrosoft Download CenterT...

Description of the cumulative update for Lync Server 2010, Mediation Server: November 2011

Describes the bugs that are fixed in the November, 2011 cumulative update package for Lync Server 2010.SummaryThis article describes the issue that is fixed in the update package for Microsoft Lync Server 2010, Mediation Server that is dated November 2011.This article describes the following item...

Description of the update for Lync Server 2010, Web Conferencing Server: January 2012

Describes the update for Lync Server 2010, Web Conferencing Server that is dated January 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Web Conferencing Server that is dated January 2012. This update improves the reliability, stability and performance of Lync Server...

Description of the cumulative update for Lync Server 2010, Administrative Tools: February 2012

Describes the issues that are resolved in the cumulative update package for Lync Server 2010, Administration Tools that is dated February 2012.SummaryThis article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Administration Tools that is dated February...

Description of the update for Lync Server 2010, Core Components: March 2012

Describes the update for Lync Server 2010, Core Components that is dated March 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Core Components that is dated March 2012.INTRODUCTIONThis update improves the reliability, stability, and performance of Lync Server 2010,...

MS13-061: Vulnerabilities in Microsoft Exchange Server could allow remote code execution: August 13, 2013

Resolves vulnerabilities in Microsoft Exchange Server that could allow remote code execution if a user on an affected Exchange server views a specially crafted file in an email attachment.INTRODUCTIONMicrosoft has released security bulletin MS13-061. To view the complete security bulletin, go to...

MS13-066: Vulnerability in Active Directory Federation Services could allow information disclosure: August 13, 2013

Resolves a vulnerability in Active Directory Federation Services AD FS that could reveal information that relates to the service account that is used by AD FS.INTRODUCTIONMicrosoft has released security bulletin MS13-066. To view the complete security bulletin, go to the following Microsoft...

MS13-059: Cumulative security update for Internet Explorer: August 13, 2013

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.The update that this article describes has been replaced by a newer update. We recommend that you install the most current cumulative securit...

MS13-057: Description of the security update for Windows Media Format Runtime 9 and 9.5 (wmvdmod.dll), and for Windows Media Player 11 and 12: July 9, 2013

None None...

MS13-052: Vulnerabilities in .NET Framework and Silverlight could allow remote code execution: July 9, 2013

Resolves a vulnerability in the .NET Framework and Silverlight that could allow remote code execution or elevation of privilege on a client system if a user views a specially crafted webpage by using a web browser that can run Silverlight applications or XAML Browser Applications XBAPs.View...

MS13-055: Cumulative Security Update for Internet Explorer: July 9, 2013

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative...

MS13-054: Vulnerability in GDI+ could allow remote code execution: July 9, 2013

Resolves a vulnerability that could allow remote code execution on a client system if a user opens a specially crafted document or visits a specially crafted webpage that embeds TrueType font files.View products that this article applies to.IntroductionThis update resolves a vulnerability that...

MS13-047: Cumulative security update for Internet Explorer: June 11, 2013

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative...

MS13-040: Vulnerabilities in the .NET Framework could allow spoofing: May 14, 2013

Resolves a vulnerability in the Microsoft .NET Framework that could allow identity spoofing on a client system.View products that this article applies to.IntroductionResolves a vulnerability in the Microsoft .NET Framework that could allow identity spoofing on a client system.SummaryMicrosoft has...

MS13-045: Vulnerability in Windows Essentials could allow information disclosure: May 14, 2013

Resolves a vulnerability in Windows Live Writer that could allow information disclosure if a user opens Writer by using a specially crafted URL.INTRODUCTIONMicrosoft has released security bulletin MS13-045. To view the complete security bulletin, go to one of the following Microsoft websites: Hom...

MS13-037: Cumulative Security Update for Internet Explorer: May 14, 2013

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative...

MS13-041: Vulnerability in Lync could allow remote code execution: May 14, 2013

Resolves a vulnerability in Microsoft Office that could allow remote code execution if a user opens a specially crafted file or previews a specially crafted email message in an affected version of Microsoft Office software.INTRODUCTIONMicrosoft has released security bulletin MS13-041. To view the...

MS13-035: Description of the security update for Groove Server 2010 Service Pack 1: April 9, 2013

None None...

MS13-030: Vulnerability in SharePoint could allow information disclosure: April 9, 2013

This update resolves a security vulnerability in Microsoft SharePoint Server 2013 that could allow information disclosure.IntroductionMicrosoft has released security bulletin MS13-030. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

MS13-030: Description of the security update for SharePoint Server 2013 (coreserver): April 9, 2013

This update resolves a security vulnerability that exists in Microsoft SharePoint Server 2013 that could allow information disclosure.Introduction This update resolves a security vulnerability that exists in Microsoft SharePoint Server 2013 that could allow information disclosure.SummaryMicrosoft...

MS13-029: Vulnerability in Remote Desktop Client could allow remote code execution: April 9, 2013

Resolves a vulnerability in Windows Remote Desktop Client that could allow remote code execution if a user views a specially crafted webpage.INTRODUCTIONMicrosoft has released security bulletin MS13-029. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

MS13-028: Cumulative Security Update for Internet Explorer: April 9, 2013

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative...

MS13-035: Description of the security update for Office Online 2010 Service Pack 1: April 9, 2013

This update resolves a security vulnerability that exists in Microsoft Office Online 2010 that could allow elevation of privilege.IntroductionMicrosoft has released security bulletin MS13-035. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

MS13-032: Vulnerability in Active Directory could lead to denial of service: April 9, 2013

Resolves a vulnerability in Active Directory that could allow denial of service if an attacker sends a specially crafted query to the Lightweight Directory Access Protocol LDAP service.INTRODUCTIONMicrosoft has released security bulletin MS13-032. To view the complete security bulletin, go to one...

MS13-035: Description of the security update for InfoPath 2010 Service Pack 1: April 9, 2013

None None...

MS13-023: Description of the security update for Visio 2010 Service Pack 1: March 12, 2013

Resolves a vulnerability in Visio 2010 Viewer that could allow arbitrary code to run when a maliciously modified Visio file is opened.IntroductionMicrosoft has released security bulletin MS13-023. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

MS13-021: Cumulative Security Update for Internet Explorer: March 12, 2013

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative...

MS13-025: Vulnerability in Microsoft OneNote could allow information disclosure: March 12, 2013

Resolves a vulnerability in Microsoft OneNote that could allow information disclosure. This security update was released on March 12, 2013.INTRODUCTIONMicrosoft has released security bulletin MS13-025. To view the complete security bulletin, visit one of the following Microsoft websites: Home...

MS13-023: Vulnerability in Microsoft Visio 2010 Viewer could allow remote code execution: March 12, 2013

Resolves a vulnerability in Visio 2010 Viewer that could allow arbitrary code to run when a maliciously modified Visio file is opened.IntroductionMicrosoft has released security bulletin MS13-023. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

MS13-009: Cumulative Security Update for Internet Explorer: February 12, 2013

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative...

MS13-015: Vulnerability in the .NET Framework could allow elevation of privilege: February 12, 2013

Resolves a vulnerability in the Microsoft .NET Framework that could allow remote code execution on a client system if a user views a specially crafted webpage by using a web browser that can run XAML Browser Applications XBAPs.IntroductionMicrosoft has released security bulletin MS13-015. You can...

MS13-013: Vulnerabilities in FAST Search Server 2010 for SharePoint parsing could allow remote code execution: February 12, 2013

Resolves vulnerabilities in Microsoft FAST Search Server 2010 for SharePoint when the Advanced Filter Pack is enabled that could allow remote code execution in the security context of a user account that uses a restricted token.IntroductionMicrosoft has released security bulletin MS13-013. To vie...

MS13-019: Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) could allow elevation of privilege: February 12, 2013

Resolves a vulnerability in Microsoft Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.INTRODUCTIONMicrosoft has released security bulletin MS13-019. To view the complete security bulletin, visit one of the following...

MS13-001: Vulnerability in Windows print spooler components could allow remote code execution: January 8, 2013

Resolves a vulnerability in Microsoft Windows that could allow remote code execution if a print server received a specially crafted print job.INTRODUCTIONMicrosoft has released security bulletin MS13-001. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

MS13-004: Vulnerability in the .NET Framework could allow elevation of privilege: January 8, 2013

Resolves a vulnerability in the .NET Framework that could allow remote code execution on a client system. Vulnerability occurs if a user views a specially crafted webpage through a web browser that can run XAML Browser Applications XBAPs.View products that this article applies...

MS13-002: Vulnerabilities in Microsoft XML core services could allow remote code execution: January 8, 2013

Resolves a security vulnerability in Microsoft XML Core Services that could allow arbitrary code to run when you view a specially crafted webpage by using Internet Explorer.View products that this article applies to.INTRODUCTIONMicrosoft has released security bulletin MS13-002. To view the comple...

MS13-007: Vulnerability in Open Data Protocol could allow denial of service: January 8, 2013

Resolves a vulnerability in the Open Data Protocol OData services in the .NET Framework that could allow a Denial of Service application.View products that this article applies to.IntroductionMicrosoft has released the security bulletin MS13-007. You can view the complete security bulletin by goi...