Previous
Microsoft patches four critical IE, Exchange holes
News Microsoft Security Bulletin MS09-002 plugs two critical holes in IE that could allow remote code execution if an IE user views a web page that has malicious code, according to Microsoft's notification.
[February 11, 2009, 10:12]
Microsoft Exchange Patch
Talkback The Exchange bulletin is a remote code executive, and as far as sensitive information and critical data are concerned, this has proven to be the easiest target for hackers to infiltrate. A similar vulnerability in the past that involves TNEF.http...
[February 16, 2009, 12:53]
August Windows patches arrive
News A flaw in the plug-and-play feature in Windows could allow an anonymous attacker to remotely access and control Windows 2000 systems, Microsoft said in security bulletin MS05-039. Because of a flaw in the way Windows handles remote desktop requests...
[August 10, 2005, 9:10]
Microsoft patches eight critical flaws
News Entitled 'Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)', this bulletin affects all supported editions of Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008, Microsoft Internet Explorer 6 Service Pack 1...
[September 10, 2008, 8:46]
Microsoft rolls out record Patch Tuesday fixes
News The June security Patch Tuesday bulletin resolves eight vulnerabilities in IE, the more severe of which could allow remote code execution if a user views a specially crafted web page. The bulletin addresses 31 vulnerabilities.
[June 10, 2009, 8:37]
Microsoft issues six 'critical', two 'important' patches
News Entitled 'Vulnerabilities in Microsoft Office Excel could allow remote code execution (959070)', this bulletin is rated critical for all supported editions of Office Excel 2000. Microsoft said this bulletin resolves "eight privately reported...
[December 10, 2008, 13:37]
Microsoft patches Excel, Windows, Word flaws
News The patch affects Microsoft Office, 2002, 2003 and 2007, as well as Microsoft Office 2004 and 2008 for the Mac, according to the Microsoft bulletin. Ten of the vulnerabilities have either exploits out in the wild or there is proof-of-concept code...
[April 15, 2009, 8:22]
Microsoft: Patch now or turn off Bluetooth
News The Bluetooth stack flaw, detailed in Microsoft bulletin CVE-2008-1453 and rated 'critical', could allow an attacker to take complete control of an affected system, install programs, alter data or create new accounts with full user rights.
[June 11, 2008, 12:34]
New Windows flaw similar to MSBlast bug
News An attacker who successfully exploited either of the buffer overrun vulnerabilities could gain complete control over a remote computer," Microsoft stated in a bulletin released on Wednesday. The bulletin released Wednesday, MS03-039, supersedes...
[September 11, 2003, 10:57]
Microsoft Patch Tuesday brings three critical fixes
News As detailed in the Microsoft security bulletin summary for May 2008, one of the critical patches addresses vulnerabilities in Word that could allow for remote code execution. A full list of affected versions is available in Microsoft security...
[May 15, 2008, 13:07]
Microsoft fixes holes in Server Message Block
News Microsoft Security Bulletin MS09-001, part of the Patch Tuesday bulletin for January, is rated critical for Microsoft Windows 2000, Windows XP and Windows Server 2003, and moderate for Windows Vista and Windows Server 2008.
[January 14, 2009, 12:22]
Microsoft's five critical security bulletins for July
News Microsoft Security Bulletin MS06-037, "Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution", addresses multiple Excel vulnerabilities that can allow remote code execution. Microsoft Security Bulletin MS06-036, "Vulnerability in...
[July 24, 2006, 13:30]
Microsoft's latest patches: What you need to know
News Leading off the year, Microsoft Security Bulletin MS05-001, "Vulnerability in HTML Help Could Allow Code Execution", includes fixes for a remote code execution vulnerability found in most versions of Windows (and all service packs) when running...
[January 14, 2005, 13:40]
Microsoft's February security bulletins
News Microsoft Security Bulletin MS06-006, Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution, addresses a Windows Media Player plug-in vulnerability (CVE-2006-0005), which is due to...
[February 21, 2006, 13:30]
Tackling Microsoft's August patches: Part 2
News Microsoft Security Bulletin MS06-041, "Vulnerabilities in DNS Resolution Could Allow Remote Code Execution", fixes two vulnerabilities: Winsock Hostname Vulnerability (CVE-2006-3440) and DNS Client Buffer Overrun Vulnerability (CVE-2006-3441).
[August 22, 2006, 13:10]
Microsoft Patch Tuesday brings six critical updates
News In Security Bulletin MS08-041, Microsoft warned that attackers could further use the internet to exploit a vulnerability in the ActiveX control for the Snapshot Viewer for Microsoft Access. Security Bulletin MS08-044 gives details of five critical...
[August 13, 2008, 12:31]
Microsoft's Gopher hole deepens
News If a user were prevented by security policies from deleting files or changing security settings, the attacker's code would also be prevented from those actions," the bulletin states. The problem results from an "unchecked buffer in the code which...
[June 13, 2002, 9:08]
A Year Ago: Microsoft addresses another IE hole
News Microsoft has issued a security bulletin concerning a potentially dangerous new variation of the Cuartango Hole in Internet Explorer 4.01 and Windows 98 that BugNet reported last month. Microsoft highly recommends that all affected customers...
[November 23, 1999, 6:07]
More Windows exploit code published
News Microsoft provided a patch in November with security bulletin MS05-053 and warned that the vulnerability could create an opening for spyware and Trojan horse attacks. Microsoft is aware that detailed exploit code has been published on the Internet...
[November 30, 2005, 8:20]
New Year, old flaws in Windows and Internet Explorer review
Reviews As an alternative, Microsoft, in its detailed summary of the security bulletin, offers other workarounds, including running the HTML Help ActiveX Control within the local security zone within Internet Explorer (for a detailed explanation of what...
[January 17, 2005, 7:45]
