| Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution - 8/31/2010 |
| Revision Note: V1.1 (August 31, 2010) Added a link to Microsoft Knowledge Base Article 2264107 to provide an automated Microsoft Fix it solution for the workaround, Disable loading of libraries from WebDAV and remote network shares. Advisory Summary:Microsoft is aware that research has been published detailing a remote attack vector for a class of vulnerabilities that affects how applications load external libraries. |
| Microsoft Security Advisory (977377): Vulnerability in TLS/SSL Could Allow Spoofing - 8/10/2010 |
| Revision Note: V2.0 (August 10, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-049 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-049. The vulnerability addressed is the TLS/SSL Renegotiation Vulnerability - CVE-2009-3555. For additional information on this advisory, see Microsoft Knowledge Base Article 977377. |
| Microsoft Security Advisory (2264072): Elevation of Privilege Using Windows Service Isolation Bypass - 8/10/2010 |
| Revision Note: V1.0 (August 10, 2010): Advisory published. Advisory Summary:Microsoft is aware of the potential for attacks that leverage the Windows Service Isolation feature to gain elevation of privilege. This advisory discusses potential attack scenarios and provides suggested actions that can help to protect against this issue. This advisory also offers a non-security update for one of the potential attack scenarios through Windows Telephony Application Programming Interfaces (TAPI). |
| Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution - 8/2/2010 |
| Revision Note: V2.0 (August 2, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. |
| Microsoft Security Advisory (2219475): Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution - 7/13/2010 |
| Revision Note: V2.0 (July 13, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-042 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-042. The vulnerability addressed is the Help Center URL Validation Vulnerability - CVE-2010-1885. |
| Microsoft Security Advisory (2028859): Vulnerability in Canonical Display Driver Could Allow Remote Code Execution - 7/13/2010 |
| Revision Note: V2.0 (July 13, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-043 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-043. The vulnerability addressed is the Canonical Display Driver Integer Overflow Vulnerability - CVE-2009-3678. |
| Microsoft Security Advisory (980088): Vulnerability in Internet Explorer Could Allow Information Disclosure - 6/9/2010 |
| Revision Note: V1.2 (June 9, 2010): Added information about MS10-035 and clarified a FAQ entry about the caching vector. Advisory Summary:Microsoft is investigating new public reports of a vulnerability in Internet Explorer. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue. |
| Microsoft Security Advisory (983438): Vulnerability in Microsoft SharePoint Could Allow Elevation of Privilege - 6/8/2010 |
| Revision Note: V2.0 (June 8, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-039 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-039. The vulnerability addressed is the Help.aspx XSS Vulnerability - CVE-2010-0817. |
| Microsoft Security Advisory (973811): Extended Protection for Authentication - 6/8/2010 |
| Revision Note: V1.5 (June 8, 2010): Updated the FAQ with information about six non-security updates enabling .NET Framework to opt in to Extended Protection for Authentication. Advisory Summary:Microsoft is announcing the availability of a new feature, Extended Protection for Authentication, on the Windows platform. This feature enhances the protection and handling of credentials when authenticating network connections using Integrated Windows Authentication (IWA). |
| Microsoft Security Advisory (981169): Vulnerability in VBScript Could Allow Remote Code Execution - 4/13/2010 |
| Revision Note: V2.0 (April 13, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-022 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-022. The vulnerability addressed is the VBScript Help Keypress Vulnerability - CVE-2010-0483. |
| Microsoft Security Advisory (977544): Vulnerability in SMB Could Allow Denial of Service - 4/13/2010 |
| Revision Note: V2.0 (April 13, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-020 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-020. The vulnerability addressed is the SMB Client Incomplete Response Vulnerability - CVE-2009-3676. |
| Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 3/30/2010 |
| Revision Note: V2.0 (March 30, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-018 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-018. The vulnerability addressed is the Uninitialized Memory Corruption Vulnerability - CVE-2010-0806. |
| Microsoft Security Advisory (979682): Vulnerability in Windows Kernel Could Allow Elevation of Privilege - 2/9/2010 |
| Revision Note: V2.0 (February 9, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-015 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-015. The vulnerability addressed is the Windows Kernel Exception Handler Vulnerability - CVE-2010-0232. |
| Microsoft Security Advisory (979352): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 1/21/2010 |
| Revision Note: V2.0 (January 21, 2010): Advisory updated to reflect publication of security bulletin Advisory Summary:Microsoft has completed the investigation the public reports of this vulnerability. We have issued MS10-002 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-002. The vulnerability addressed is the HTML Object Memory Corruption Vulnerability - CVE-2010-0249. |
| Microsoft Security Advisory (979267): Vulnerabilities in Adobe Flash Player 6 Provided in Windows XP Could Allow Remote Code Execution - 1/12/2010 |
| Revision Note: V1.0 (January 12, 2010): Advisory published. Advisory Summary:Security Advisory |
| Microsoft Security Advisory (977981): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 12/8/2009 |
| Revision Note: V2.0 (December 8, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed investigating public reports of this vulnerability. We have issued Microsoft Security Bulletin MS09-072 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-072. The vulnerability addressed is the HTML Object Memory Corruption Vulnerability - CVE-2009-3672. |
| Microsoft Security Advisory (974926): Credential Relaying Attacks on Integrated Windows Authentication - 12/8/2009 |
| Revision Note: V1.0 (December 8, 2009): Advisory published. Advisory Summary:This advisory addresses the potential for attacks that affect the handling of credentials using Integrated Windows Authentication (IWA), and the mechanisms Microsoft has made available for customers to help protect against these attacks. |
| Microsoft Security Advisory (954157): Security Enhancements for the Indeo Codec - 12/8/2009 |
| Revision Note: V1.0 (December 8, 2009): Advisory published. Advisory Summary:Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. |
| Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution - 10/13/2009 |
| Revision Note: V2.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Security Advisory |
| Microsoft Security Advisory (975191): Vulnerabilities in the FTP Service in Internet Information Services - 10/13/2009 |
| Revision Note: V3.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this issue. We have released MS09-053 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-053. The vulnerabilities addressed are the IIS FTP Service DoS Vulnerability (CVE-2009-2521) and the IIS FTP Service RCE and DoS Vulnerability (CVE-2009-3023). |
| Microsoft Security Advisory (973882): Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution - 10/13/2009 |
| Revision Note: V4.0 (October 13, 2009): Advisory revised to add an entry in the Updates related to ATL section to communicate the release of Microsoft Security Bulletin MS09-060, "Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution." Advisory Summary:Security Advisory |
| Microsoft Security Advisory (967940): Update for Windows Autorun - 8/25/2009 |
| Revision Note: V1.1 (August 25, 2009): Summary revised to notify users of an update to Autorun that restricts AutoPlay functionality to CD-ROM and DVD-ROM media, available for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 from Microsoft Knowledge Base Article 971029. Advisory Summary:Microsoft is announcing the availability of an update that corrects a functionality feature that can help customers in keeping their systems protected. The update corrects an issue that prevents the NoDriveTypeAutoRun registry key from functioning as expected. |
| Microsoft Security Advisory (973472): Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution - 8/11/2009 |
| Revision Note: V2.0 (August 11, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation of a privately reported vulnerability in Microsoft Office Web Components. We have issued MS09-043 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-043. The vulnerability addressed is the Office Web Components HTML Script Vulnerability - CVE-2009-1136. |
| Microsoft Security Advisory (972890): Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution - 7/14/2009 |
| Revision Note: V2.0 (July 14, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-032 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-032. The vulnerability addressed is the Microsoft Video ActiveX Control Vulnerability - CVE-2008-0015. |
| Microsoft Security Advisory (971778): Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution - 7/14/2009 |
| Revision Note: V2.0 (July 14, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-028 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-028. The vulnerability addressed is the DirectX NULL Byte Overwrite Vulnerability - CVE-2009-1537. |
| Microsoft Security Advisory (969898): Update Rollup for ActiveX Kill Bits - 6/17/2009 |
| Revision Note: V1.1 (June 17, 2009): Added an entry to Frequently Asked Questions to communicate that for the purpose of automatic updating, this update does not replace the Cumulative Security Update of ActiveX Kill Bits (950760) that is described in Microsoft Security Bulletin MS08-032. Advisory Summary:Microsoft is releasing a new set of ActiveX kill bits with this advisory. |
| Microsoft Security Advisory (960715): Update Rollup for ActiveX Kill Bits - 6/17/2009 |
| Revision Note: V1.2 (June 17, 2009): Added an entry to Frequently Asked Questions to communicate that for the purpose of automatic updating, this update does not replace the Cumulative Security Update of ActiveX Kill Bits (950760) that is described in Microsoft Security Bulletin MS08-032. Advisory Summary:Microsoft is releasing a new set of ActiveX kill bits with this advisory. |
| Microsoft Security Advisory (956391): Update Rollup for ActiveX Kill Bits - 6/17/2009 |
| Revision Note: V1.3 (June 17, 2009): Added an entry to Frequently Asked Questions to communicate that for the purpose of automatic updating, this update does not replace the Cumulative Security Update of ActiveX Kill Bits (950760) that is described in Microsoft Security Bulletin MS08-032. Advisory Summary:Microsoft is releasing a new set of ActiveX kill bits with this advisory. |
| Microsoft Security Advisory (971888): Update for DNS Devolution - 6/9/2009 |
| Revision Note: Advisory published. Advisory Summary:Microsoft is announcing the availability of an update to DNS devolution that can help customers in keeping their systems protected. Customers whose domain name has three or more labels , such as "contoso.co.us", or who do not have a DNS suffix list configured, or for whom the following mitigating factors do not apply may inadvertently be allowing client systems to treat systems outside of the organizational boundary as though they were internal to the organization's boundary. |
| Microsoft Security Advisory (971492): Vulnerability in Internet Information Services Could Allow Elevation of Privilege - 6/9/2009 |
| Revision Note: V2.0 (June 9, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-020 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-020. The vulnerability addressed is the IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability - CVE-2009-1535. |
| Microsoft Security Advisory (945713): Vulnerability in Web Proxy Auto-Discovery (WPAD) Could Allow Information Disclosure - 6/9/2009 |
| Revision Note: V2.0 (June 9, 2009): Advisory updated to reflect publication of security bulletin MS09-008 and Microsoft Security Advisory 971888. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-008 to address the WPAD issue and have released configuration guidance and updates for DNS devolution in Microsoft Security Advisory 971888. For more information about this issue, including download links for an available security update, please review MS09-008 and Microsoft Security Advisory 971888. The vulnerabilities addressed are the WPAD server registration vulnerabilities in WINS and DNS - CVE-2009-0094 and CVE-2009-0093. |
| Microsoft Security Advisory (969136): Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution - 5/12/2009 |
| Revision Note: V2.0 (May 12, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-017 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-017. The vulnerability addressed is the Memory Corruption Vulnerability - CVE-2009-0556. |
| Microsoft Security Advisory (968272): Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution - 4/14/2009 |
| Revision Note: V3.0 (April 14, 2009) Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft is investigating new public reports of a vulnerability in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability. |
| Microsoft Security Advisory (960906): Vulnerability in WordPad Text Converter Could Allow Remote Code Execution - 4/14/2009 |
| Revision Note: V2.0 (April 14, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft is investigating new reports of a vulnerability in the WordPad Text Converter for Word 97 files on Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Windows XP Service Pack 3, Windows Vista, and Windows Server 2008 are not affected as these operating systems do not contain the vulnerable code. |
| Microsoft Security Advisory (953818): Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform - 4/14/2009 |
| Revision Note: V2.0 (April 14, 2009): Added references and links to MS09-014 and MS09-015, which address the issue in this advisory. Advisory Summary:Microsoft has investigated public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory. |
| Microsoft Security Advisory (951306): Vulnerability in Windows Could Allow Elevation of Privilege - 4/14/2009 |
| Revision Note: V3.0 (April 14, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Security Advisory |
| Microsoft Security Advisory (953839): Update Rollup for ActiveX Kill Bits - 3/11/2009 |
| Revision Note: V1.3 (March 11, 2009): Added an entry to Frequently Asked Questions to communicate that for the purpose of automatic updating, this update does not replace the Cumulative Security Update of ActiveX Kill Bits (950760) that is described in Microsoft Security Bulletin MS08-032. Advisory Summary:Microsoft is releasing a new set of ActiveX kill bits with this advisory. |
| Microsoft Security Advisory (961040): Vulnerability in SQL Server Could Allow Remote Code Execution - 2/10/2009 |
| Revision Note: V2.0 (February 10, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-004 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-004. The vulnerability addressed is the Microsoft XML Core Services Vulnerability - CVE-2008-5416. |
| Microsoft Security Advisory (961509): Research proves feasibility of collision attacks against MD5 - 12/30/2008 |
| Revision Note: Advisory published Advisory Summary:Microsoft is aware that research was published at a security conference proving a successful attack against X.509 digital certificates signed using the MD5 hashing algorithm. This attack method would allow an attacker to generate additional digital certificates with different content that have the same digital signature as an original certificate. The MD5 algorithm had previously shown a vulnerability, but a practical attack had not yet been demonstrated. |
| Microsoft Security Advisory (961051): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 12/17/2008 |
| Revision Note: December 17, 2008: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-078 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-078. The vulnerability addressed is the Microsoft XML Core Services Vulnerability - CVE-2008-4844. |
| Microsoft Security Advisory (958963): Exploit Code Published Affecting the Server Service - 10/27/2008 |
| Revision Note: Advisory published Advisory Summary:Security Advisory |
| Microsoft Security Advisory (955179): Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution - 8/12/2008 |
| Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a private report of this vulnerability. We have issued MS08-041 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-041. The vulnerability addressed is the Snapshot Viewer Arbitrary File Download Vulnerability - CVE-2008-2463. |
| Microsoft Security Advisory (954960): Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates - 8/12/2008 |
| Revision Note: August 12, 2008: Added entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update to communicate that the re-release of the update to fix a known installation issue with Windows Server 2008 systems is now available via Microsoft Update. Advisory Summary:Microsoft has completed the investigation into public reports of a non-security issue that prevents the distribution of any updates deployed through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. Microsoft confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954960. Microsoft encourages customers affected by this issue to review and install this update. |
| Microsoft Security Advisory (953635): Vulnerability in Microsoft Word Could Allow Remote Code Execution - 8/12/2008 |
| Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-042 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-042. The vulnerability addressed is the Word Record Parsing Vulnerability - CVE-2008-2244. |
| Microsoft Security Advisory (956187): Increased Threat for DNS Spoofing Vulnerability - 7/25/2008 |
| Revision Note: July 25, 2008: Advisory published. Advisory Summary:Microsoft released Microsoft Security Bulletin MS08-037, Vulnerabilities in DNS Could Allow Spoofing (953230), on July 8, 2008, offering security updates to protect customers against Windows Domain Name System (DNS) spoofing attacks. Microsoft released this update in coordination with other DNS vendors who were also similarly impacted. Since the coordinated release of these updates, the threat to DNS systems has increased due to a greater public understanding of the attacks, as well as detailed exploit code being published on the Internet. |
| Microsoft Security Advisory (954462): Rise in SQL Injection Attacks Exploiting Unverified User Data Input - 6/25/2008 |
| Revision Note: June 25, 2008: Removed erroneous references to form field and cookie value testing from the HP Scrawlr tool description. Advisory Summary:Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application development. These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database. When a SQL injection attack succeeds, an attacker can compromise data stored in these databases and possibly execute remote code. Clients browsing to a compromised server could be forwarded unknowingly to malicious sites that may install malware on the client machine. |
| Microsoft Security Advisory (954474): System Center Configuration Manager 2007 Blocked from Deploying Security Updates - 6/17/2008 |
| Revision Note: June 17, 2008: Advisory updated to reflect availability of fix. Advisory Summary:Microsoft has completed the investigation into public reports of a non-security issue that affects environments with all supported versions of System Center Configuration Manager 2007 that deploy updates to Systems Management Services (SMS) 2003 clients. Microsoft has confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954474. Microsoft encourages customers affected by this issue to review and install this update. |
| Microsoft Security Advisory (950627): Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution - 5/13/2008 |
| Revision Note: May 13, 2008: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into public reports of this vulnerability. We have issued Microsoft Security Bulletin MS08-028 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-028: Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749). The vulnerability addressed is the Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability - CVE-2007-6026. |
| Microsoft Security Advisory (932596): Update to Improve Kernel Patch Protection - 4/23/2008 |
| Revision Note: April 23, 2008: Added an FAQ entry about known issues in installing the kernel update Advisory Summary:Security Advisory |
| Microsoft Security Advisory (947563): Vulnerability in Microsoft Excel Could Allow Remote Code Execution - 3/12/2008 |
| Revision Note: Advisory updated to reflect the correct Excel file formats in the MOICE Workarounds section. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-014 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-014. The vulnerability addressed is the Microsoft Excel Vulnerability - CVE-2008-0081. |
