| Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 3/10/2010 |
| Revision Note: V1.1 (March 10, 2010): Restated the mitigation concerning the e-mail vector. Added a new workaround for disabling the peer factory class in iepeers.dll. Advisory Summary:Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7. Our investigation has shown that the latest version of the browser, Internet Explorer 8, is not affected. The main impact of the vulnerability is remote code execution. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue. |
| Microsoft Security Advisory (973811): Extended Protection for Authentication - 3/9/2010 |
| Revision Note: V1.3 (March 9, 2010): Updated the FAQ to announce the rerelease of the update that enables Internet Information Services to opt in to Extended Protection for Authentication. For more information, see Known issues in Microsoft Knowledge Base Article 973917. Advisory Summary:Microsoft is announcing the availability of a new feature, Extended Protection for Authentication, on the Windows platform. This feature enhances the protection and handling of credentials when authenticating network connections using Integrated Windows Authentication (IWA). |
| Microsoft Security Advisory (981169): Vulnerability in VBScript Could Allow Remote Code Execution - 3/1/2010 |
| Revision Note: V1.0 (March 1, 2010): Advisory published. Advisory Summary:Microsoft is investigating new public reports of a possible vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008. The main impact of the vulnerability is remote code execution. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time. |
| Microsoft Security Advisory (980088): Vulnerability in Internet Explorer Could Allow Information Disclosure - 2/10/2010 |
| Revision Note: V1.1 (February 10, 2010): Specified the mitigation offered by Protected Mode. Also clarified an FAQ and workaround pertaining to Protected Mode. Advisory Summary:Microsoft is investigating new public reports of a vulnerability in Internet Explorer. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue. |
| Microsoft Security Advisory (979682): Vulnerability in Windows Kernel Could Allow Elevation of Privilege - 2/9/2010 |
| Revision Note: V2.0 (February 9, 2010): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-015 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-015. The vulnerability addressed is the Windows Kernel Exception Handler Vulnerability - CVE-2010-0232. |
| Microsoft Security Advisory (977377): Vulnerability in TLS/SSL Could Allow Spoofing - 2/9/2010 |
| Revision Note: V1.0 (February 9, 2010): Advisory published. Advisory Summary:Microsoft is investigating public reports of a vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer(SSL)protocols. At this time, Microsoft is not aware of any attacks attempting to exploit the reported vulnerability. |
| Microsoft Security Advisory (979352): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 1/21/2010 |
| Revision Note: V2.0 (January 21, 2010): Advisory updated to reflect publication of security bulletin Advisory Summary:Microsoft has completed the investigation the public reports of this vulnerability. We have issued MS10-002 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-002. The vulnerability addressed is the HTML Object Memory Corruption Vulnerability - CVE-2010-0249. |
| Microsoft Security Advisory (979267): Vulnerabilities in Adobe Flash Player 6 Provided in Windows XP Could Allow Remote Code Execution - 1/12/2010 |
| Revision Note: V1.0 (January 12, 2010): Advisory published. Advisory Summary:Security Advisory |
| Microsoft Security Advisory (977981): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 12/8/2009 |
| Revision Note: V2.0 (December 8, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed investigating public reports of this vulnerability. We have issued Microsoft Security Bulletin MS09-072 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-072. The vulnerability addressed is the HTML Object Memory Corruption Vulnerability - CVE-2009-3672. |
| Microsoft Security Advisory (974926): Credential Relaying Attacks on Integrated Windows Authentication - 12/8/2009 |
| Revision Note: V1.0 (December 8, 2009): Advisory published. Advisory Summary:This advisory addresses the potential for attacks that affect the handling of credentials using Integrated Windows Authentication (IWA), and the mechanisms Microsoft has made available for customers to help protect against these attacks. |
| Microsoft Security Advisory (954157): Security Enhancements for the Indeo Codec - 12/8/2009 |
| Revision Note: V1.0 (December 8, 2009): Advisory published. Advisory Summary:Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. |
| Microsoft Security Advisory (977544): Vulnerability in SMB Could Allow Denial of Service - 11/13/2009 |
| Revision Note: V1.0 (November 13, 2009): Advisory published. Advisory Summary:Microsoft is investigating new public reports of a possible denial of service vulnerability in the Server Message Block (SMB) protocol. This vulnerability cannot be used to take control of or install malicious software on a user’s system. However, Microsoft is aware that detailed exploit code has been published for the vulnerability. Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary. |
| Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution - 10/13/2009 |
| Revision Note: V2.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Security Advisory |
| Microsoft Security Advisory (975191): Vulnerabilities in the FTP Service in Internet Information Services - 10/13/2009 |
| Revision Note: V3.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this issue. We have released MS09-053 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-053. The vulnerabilities addressed are the IIS FTP Service DoS Vulnerability (CVE-2009-2521) and the IIS FTP Service RCE and DoS Vulnerability (CVE-2009-3023). |
| Microsoft Security Advisory (973882): Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution - 10/13/2009 |
| Revision Note: V4.0 (October 13, 2009): Advisory revised to add an entry in the Updates related to ATL section to communicate the release of Microsoft Security Bulletin MS09-060, "Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution." Advisory Summary:Security Advisory |
| Microsoft Security Advisory (967940): Update for Windows Autorun - 8/25/2009 |
| Revision Note: V1.1 (August 25, 2009): Summary revised to notify users of an update to Autorun that restricts AutoPlay functionality to CD-ROM and DVD-ROM media, available for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 from Microsoft Knowledge Base Article 971029. Advisory Summary:Microsoft is announcing the availability of an update that corrects a functionality feature that can help customers in keeping their systems protected. The update corrects an issue that prevents the NoDriveTypeAutoRun registry key from functioning as expected. |
| Microsoft Security Advisory (973472): Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution - 8/11/2009 |
| Revision Note: V2.0 (August 11, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation of a privately reported vulnerability in Microsoft Office Web Components. We have issued MS09-043 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-043. The vulnerability addressed is the Office Web Components HTML Script Vulnerability - CVE-2009-1136. |
| Microsoft Security Advisory (972890): Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution - 7/14/2009 |
| Revision Note: V2.0 (July 14, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-032 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-032. The vulnerability addressed is the Microsoft Video ActiveX Control Vulnerability - CVE-2008-0015. |
| Microsoft Security Advisory (971778): Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution - 7/14/2009 |
| Revision Note: V2.0 (July 14, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-028 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-028. The vulnerability addressed is the DirectX NULL Byte Overwrite Vulnerability - CVE-2009-1537. |
| Microsoft Security Advisory (969898): Update Rollup for ActiveX Kill Bits - 6/17/2009 |
| Revision Note: V1.1 (June 17, 2009): Added an entry to Frequently Asked Questions to communicate that for the purpose of automatic updating, this update does not replace the Cumulative Security Update of ActiveX Kill Bits (950760) that is described in Microsoft Security Bulletin MS08-032. Advisory Summary:Microsoft is releasing a new set of ActiveX kill bits with this advisory. |
| Microsoft Security Advisory (960715): Update Rollup for ActiveX Kill Bits - 6/17/2009 |
| Revision Note: V1.2 (June 17, 2009): Added an entry to Frequently Asked Questions to communicate that for the purpose of automatic updating, this update does not replace the Cumulative Security Update of ActiveX Kill Bits (950760) that is described in Microsoft Security Bulletin MS08-032. Advisory Summary:Microsoft is releasing a new set of ActiveX kill bits with this advisory. |
| Microsoft Security Advisory (956391): Update Rollup for ActiveX Kill Bits - 6/17/2009 |
| Revision Note: V1.3 (June 17, 2009): Added an entry to Frequently Asked Questions to communicate that for the purpose of automatic updating, this update does not replace the Cumulative Security Update of ActiveX Kill Bits (950760) that is described in Microsoft Security Bulletin MS08-032. Advisory Summary:Microsoft is releasing a new set of ActiveX kill bits with this advisory. |
| Microsoft Security Advisory (971888): Update for DNS Devolution - 6/9/2009 |
| Revision Note: Advisory published. Advisory Summary:Microsoft is announcing the availability of an update to DNS devolution that can help customers in keeping their systems protected. Customers whose domain name has three or more labels , such as "contoso.co.us", or who do not have a DNS suffix list configured, or for whom the following mitigating factors do not apply may inadvertently be allowing client systems to treat systems outside of the organizational boundary as though they were internal to the organization's boundary. |
| Microsoft Security Advisory (971492): Vulnerability in Internet Information Services Could Allow Elevation of Privilege - 6/9/2009 |
| Revision Note: V2.0 (June 9, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-020 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-020. The vulnerability addressed is the IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability - CVE-2009-1535. |
| Microsoft Security Advisory (945713): Vulnerability in Web Proxy Auto-Discovery (WPAD) Could Allow Information Disclosure - 6/9/2009 |
| Revision Note: V2.0 (June 9, 2009): Advisory updated to reflect publication of security bulletin MS09-008 and Microsoft Security Advisory 971888. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-008 to address the WPAD issue and have released configuration guidance and updates for DNS devolution in Microsoft Security Advisory 971888. For more information about this issue, including download links for an available security update, please review MS09-008 and Microsoft Security Advisory 971888. The vulnerabilities addressed are the WPAD server registration vulnerabilities in WINS and DNS - CVE-2009-0094 and CVE-2009-0093. |
| Microsoft Security Advisory (969136): Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution - 5/12/2009 |
| Revision Note: V2.0 (May 12, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-017 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-017. The vulnerability addressed is the Memory Corruption Vulnerability - CVE-2009-0556. |
| Microsoft Security Advisory (968272): Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution - 4/14/2009 |
| Revision Note: V3.0 (April 14, 2009) Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft is investigating new public reports of a vulnerability in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability. |
| Microsoft Security Advisory (960906): Vulnerability in WordPad Text Converter Could Allow Remote Code Execution - 4/14/2009 |
| Revision Note: V2.0 (April 14, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft is investigating new reports of a vulnerability in the WordPad Text Converter for Word 97 files on Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Windows XP Service Pack 3, Windows Vista, and Windows Server 2008 are not affected as these operating systems do not contain the vulnerable code. |
| Microsoft Security Advisory (953818): Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform - 4/14/2009 |
| Revision Note: V2.0 (April 14, 2009): Added references and links to MS09-014 and MS09-015, which address the issue in this advisory. Advisory Summary:Microsoft has investigated public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory. |
| Microsoft Security Advisory (951306): Vulnerability in Windows Could Allow Elevation of Privilege - 4/14/2009 |
| Revision Note: V3.0 (April 14, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Security Advisory |
| Microsoft Security Advisory (953839): Update Rollup for ActiveX Kill Bits - 3/11/2009 |
| Revision Note: V1.3 (March 11, 2009): Added an entry to Frequently Asked Questions to communicate that for the purpose of automatic updating, this update does not replace the Cumulative Security Update of ActiveX Kill Bits (950760) that is described in Microsoft Security Bulletin MS08-032. Advisory Summary:Microsoft is releasing a new set of ActiveX kill bits with this advisory. |
| Microsoft Security Advisory (961040): Vulnerability in SQL Server Could Allow Remote Code Execution - 2/10/2009 |
| Revision Note: V2.0 (February 10, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-004 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-004. The vulnerability addressed is the Microsoft XML Core Services Vulnerability - CVE-2008-5416. |
| Microsoft Security Advisory (961509): Research proves feasibility of collision attacks against MD5 - 12/30/2008 |
| Revision Note: Advisory published Advisory Summary:Microsoft is aware that research was published at a security conference proving a successful attack against X.509 digital certificates signed using the MD5 hashing algorithm. This attack method would allow an attacker to generate additional digital certificates with different content that have the same digital signature as an original certificate. The MD5 algorithm had previously shown a vulnerability, but a practical attack had not yet been demonstrated. |
| Microsoft Security Advisory (961051): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 12/17/2008 |
| Revision Note: December 17, 2008: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-078 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-078. The vulnerability addressed is the Microsoft XML Core Services Vulnerability - CVE-2008-4844. |
| Microsoft Security Advisory (958963): Exploit Code Published Affecting the Server Service - 10/27/2008 |
| Revision Note: Advisory published Advisory Summary:Security Advisory |
| Microsoft Security Advisory (955179): Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution - 8/12/2008 |
| Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a private report of this vulnerability. We have issued MS08-041 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-041. The vulnerability addressed is the Snapshot Viewer Arbitrary File Download Vulnerability - CVE-2008-2463. |
| Microsoft Security Advisory (954960): Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates - 8/12/2008 |
| Revision Note: August 12, 2008: Added entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update to communicate that the re-release of the update to fix a known installation issue with Windows Server 2008 systems is now available via Microsoft Update. Advisory Summary:Microsoft has completed the investigation into public reports of a non-security issue that prevents the distribution of any updates deployed through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. Microsoft confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954960. Microsoft encourages customers affected by this issue to review and install this update. |
| Microsoft Security Advisory (953635): Vulnerability in Microsoft Word Could Allow Remote Code Execution - 8/12/2008 |
| Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-042 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-042. The vulnerability addressed is the Word Record Parsing Vulnerability - CVE-2008-2244. |
| Microsoft Security Advisory (956187): Increased Threat for DNS Spoofing Vulnerability - 7/25/2008 |
| Revision Note: July 25, 2008: Advisory published. Advisory Summary:Microsoft released Microsoft Security Bulletin MS08-037, Vulnerabilities in DNS Could Allow Spoofing (953230), on July 8, 2008, offering security updates to protect customers against Windows Domain Name System (DNS) spoofing attacks. Microsoft released this update in coordination with other DNS vendors who were also similarly impacted. Since the coordinated release of these updates, the threat to DNS systems has increased due to a greater public understanding of the attacks, as well as detailed exploit code being published on the Internet. |
| Microsoft Security Advisory (954462): Rise in SQL Injection Attacks Exploiting Unverified User Data Input - 6/25/2008 |
| Revision Note: June 25, 2008: Removed erroneous references to form field and cookie value testing from the HP Scrawlr tool description. Advisory Summary:Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application development. These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database. When a SQL injection attack succeeds, an attacker can compromise data stored in these databases and possibly execute remote code. Clients browsing to a compromised server could be forwarded unknowingly to malicious sites that may install malware on the client machine. |
| Microsoft Security Advisory (954474): System Center Configuration Manager 2007 Blocked from Deploying Security Updates - 6/17/2008 |
| Revision Note: June 17, 2008: Advisory updated to reflect availability of fix. Advisory Summary:Microsoft has completed the investigation into public reports of a non-security issue that affects environments with all supported versions of System Center Configuration Manager 2007 that deploy updates to Systems Management Services (SMS) 2003 clients. Microsoft has confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954474. Microsoft encourages customers affected by this issue to review and install this update. |
| Microsoft Security Advisory (950627): Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution - 5/13/2008 |
| Revision Note: May 13, 2008: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into public reports of this vulnerability. We have issued Microsoft Security Bulletin MS08-028 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-028: Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749). The vulnerability addressed is the Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability - CVE-2007-6026. |
| Microsoft Security Advisory (932596): Update to Improve Kernel Patch Protection - 4/23/2008 |
| Revision Note: April 23, 2008: Added an FAQ entry about known issues in installing the kernel update Advisory Summary:Security Advisory |
| Microsoft Security Advisory (947563): Vulnerability in Microsoft Excel Could Allow Remote Code Execution - 3/12/2008 |
| Revision Note: Advisory updated to reflect the correct Excel file formats in the MOICE Workarounds section. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-014 to address this issue. For more information about this issue, including download links for an available security update, please review MS08-014. The vulnerability addressed is the Microsoft Excel Vulnerability - CVE-2008-0081. |
| Microsoft Security Advisory (943411): Update to Improve Windows Sidebar Protection - 1/8/2008 |
| Revision Note: Advisory Published. Advisory Summary:An update is available for currently supported editions of the Windows Vista operating system. The update to improve Windows Sidebar Protection enables Windows Sidebar to help block gadgets from running in Sidebar. For more information about installing this update, see Microsoft Knowledge Base Article 943411. |
| Microsoft Security Advisory (944653): Vulnerability in Macrovision SECDRV.SYS Driver on Windows Could Allow Elevation of Privilege - 12/11/2007 |
| Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS07-067 to address this issue. For more information about this issue, including download links for an available security update, please review MS07-067. The vulnerability addressed is the Macrovision Driver Vulnerability - CVE-2007-5587. |
| Microsoft Security Advisory (943521): URL Handling Vulnerability in Windows XP and Windows Server 2003 with Windows Internet Explorer 7 Could Allow Remote Code Execution - 11/13/2007 |
| Revision Note: Advisory updated to reflect publication of security bulletin Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS07-061 to address this issue. For more information about this issue, including download links for an available security update, please review MS07-061. The vulnerability addressed is the Windows URI Handling Vulnerability - CVE-2007-3896. |
| Microsoft Security Advisory (927891): Update for Windows Installer (MSI) - 5/24/2007 |
| Revision Note: Advisory updated to change title from "Fix for Windows Installer (MSI)" to "Update for Windows Installer (MSI)," make minor edits, and remove unnecessary FAQ. Advisory Summary:Today we are announcing the availability of an update that does not address a security vulnerability, but is a high priority for customers in keeping their systems updated. |
| Microsoft Security Advisory (937696): Release of Microsoft Office Isolated Conversion Environment (MOICE) and File Block Functionality for Microsoft Office - 5/21/2007 |
| Revision Note: Advisory Published: May 21, 2007 Advisory Summary:Security Advisory |
| Microsoft Security Advisory (933052): Vulnerability in Microsoft Word Could Allow Remote Code Execution - 5/9/2007 |
| Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS07-024 to address this issue. For more information about this issue, including download links for an available security update, please review MS07-024. |
