Tue, 17/02/09 – 18:00 | No Comment

US-CERT is aware of a public report indicating active exploitation of a previously patched vulnerability in Microsoft Internet Explorer 7. This vulnerability was addressed in Microsoft Security Advisory MS09-002. …

Read the full story »
Articles

Patch management and related articles.

Bulletins

Microsoft’s monthly security bulletins.

Downloads

Security-related downloads from Microsoft download center.

Exploits

Various exploits seen in the wild.

KB Articles

Microsoft knowledge base articles.

Home » Archive by Tags

Articles tagged with: security

RE: Twitter attack exposes awesome power of clickjacking
Monday, 16 Feb, 2009 – 12:45 | No Comment

Truth but defeated ! Microsoft has built clickjack protection in its new browser IE8 Security patches are about to be released and are under development for IE8 Statistics speaks IE8 will be the target.But Microsoft should overcome the upgraded codes for this security vulneribility in near future. PS: Post the same under suggestions for Microsoft.

Re: Error # 0×80072efd when updating WP Prp SP2
Monday, 16 Feb, 2009 – 12:21 | No Comment

JWL wrote: Error: 80072EFD = ERROR_INTERNET_CANNOT_CONNECT Translation: Cannot connect to the Internet server There’s a possibility that either a 3rd party firewall, anti-spyware program, web accelerator, Internet security/antivirus program and/or a proxy server is interfering with the Windows Update Services (SVCHOST) accessing

FLEXnet Connect 6.1 Security Update
Monday, 16 Feb, 2009 – 2:43 | No Comment

Acresso has published a fix for a security issue in FLEXnet Connect (previously called InstallShield Update Service) that was reported in September 2008. The problem was that FLEXnet connect used an unauthenticated HTTP connection to download and execute scripts from the update server.

MS09-002 - Critical: Cumulative Security Update for Internet Explorer (961260) - Version:1.1
Monday, 16 Feb, 2009 – 0:00 | No Comment

Severity Rating: Critical - Revision Note: V1.1 (February 16, 2009): Added a link to Microsoft Knowledge Base Article 961260 under Known Issues in the Executive Summary.Summary: This security update resolves two privately reported vulnerabilities. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS09-003 - Critical: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239) - Version:2.0
Monday, 16 Feb, 2009 – 0:00 | No Comment

Severity Rating: Critical - Revision Note: V2.0 (February 16, 2009): Added the Microsoft Exchange Server MAPI Client as affected software. Also, added several entries to the section, Frequently Asked Questions (FAQ) Related to This Security Update, relating to updating the MAPI Client and the Exchange System Management tools

Microsoft Security Updates - February 2009 PATCH NOW
Friday, 13 Feb, 2009 – 13:44 | No Comment
Microsoft Security Updates - February 2009 PATCH NOW

Microsoft and other security firms are warning that IE could be soon exploited based on reserved engineering techniques used by malware writers.  It’s important to apply these security updates expediently to ensure protection . Microsoft Security Updates - February 2009 http://www.microsoft.com/technet/security/bulletin/ms09-Feb.mspx http://isc.sans.org/diary.html?storyid=5836 http://www.f-secure.com/weblog/archives/00001604.html   Microsoft have released details of this month’s patches as part of February “Patch Tuesday”. The 4 patches that have been released are as follows: Critical: MS09-002 - Cumulative Security Update for Internet Explorer (961260) Affects: Internet Explorer 7 Link: http://www.microsoft.com/technet/security/Bulletin/MS09-002.mspx MS09-003 - Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239) Affects: Microsoft Exchange Server 2000/2003/2007 Link: http://www.microsoft.com/technet/security/Bulletin/MS09-003.mspx Important: MS09-004 - Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420) Affects: SQL Server 2000/2005 (Inc Desktop/Express Editions) Link: http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx MS09-005 - Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634) Affects: Visio 2002/2003/2007 Link: http://www.microsoft.com/technet/security/bulletin/MS09-005.mspx

Microsoft Security Bulletins for Feb. 2009 - Security Cadets Forum
Friday, 13 Feb, 2009 – 9:28 | No Comment

… MS09-002 - Cumulative Security Update for Internet Explorer (961260) MS09-0 ..

Microsoft Security Bulletin Minor Revisions - February 11, 2009
Thursday, 12 Feb, 2009 – 0:51 | No Comment

Issued: February 11, 2009 Summary The following bulletins have undergone a minor revision increment. Please see the appropriate bulletin for more details.

February monthly security bulleting release
Wednesday, 11 Feb, 2009 – 7:08 | No Comment

I just saw that the folks over on the MSRC blog just posted the info for the February security bulleting release.

February monthly security bulleting release
Wednesday, 11 Feb, 2009 – 7:08 | No Comment

I just saw that the folks over on the MSRC blog just posted the info for the February security bulleting release.

Jan09 Security Bulletin SDL Benefit Summary
Wednesday, 11 Feb, 2009 – 4:24 | No Comment

When I do analysis and reports on Microsoft products, I typically look for where the Security Development Lifecycle (SDL) has helped to provide improvement and provide some stats on that.  This year, I decided to try and do this monthly to make it easier for me that when I do it all at once. Once I started doing it, I realized that it might be interesting to share it.  This is my first draft, so format may evolve over time.  I hope you find this information useful. First, here is a summary of the 3 vulnerabilities addressed in January, which were addressed in a single update (MS09-001)

There’s Something about SQL! : Microsoft Security Bulletin MS09 …
Wednesday, 11 Feb, 2009 – 2:30 | No Comment

Microsoft Security Bulletin MS09-004 – Important.