Previous
Microsoft Patch Tuesday Brings Six Critical Updates
News The vulnerabilities, as detailed in Microsoft Security Bulletin MS08-045, relate to HTML objects memory corruption, HTML component handling and uninitialised memory corruption. In Security Bulletin MS08-041, Microsoft warned that attackers could...
[August 13, 2008, 12:31]
Hole Opens Office 97 Users To Hijack
News We are developing a security bulletin to provide full information on the vulnerability and the products affected. At this writing, Microsoft's official security bulletin was not yet available. The hole, which is present on any Windows or NT system...
[July 30, 1999, 16:32]
New Year, Old Flaws In Windows And Internet Explorer review
Reviews Security bulletin number one As an alternative, Microsoft, in its detailed summary of the security bulletin, offers other workarounds, including running the HTML Help ActiveX Control within the local security zone within Internet Explorer (for a...
[January 17, 2005, 7:45]
Experts Warn On 'unpatched' Vulnerability
News The relevant Microsoft bulletin was issued on 20 August and last updated on 8 September. Subsequent to issuing this security bulletin, Microsoft received reports that the patch provided with this bulletin does not properly correct the Object Type...
[September 29, 2003, 9:10]
Easy File Sharing Web Server
Downloads Easy File Sharing Web Server also provides a bulletin board system, or forum, to which remote users can post messages and files. Easy File Sharing Web Server is a Windows program that allows you to host a secure, Web-based, file-sharing system...
[July 26, 2008, 9:01]
All Windows Systems Vulnerable To Jscript Flaw
News Microsoft Security Bulletin MS03-008 reports that a heap overflow flaw in the Windows Script Engine for Jscript (specifically, Jscript.dll) can allow an attacker to run arbitrary code on a vulnerable system if the user visits a Web page containing...
[March 31, 2003, 13:40]
IE Flaw Puts Credit Card Info At Risk
News The vulnerability exists within IE 5.5 and 6.0, but earlier browser editions "may or may not be affected," according to a security bulletin posted to Microsoft's Web site on Thursday. The security flaw allows an outsider to break into cookies...
[November 12, 2001, 9:42]
Microsoft Rushes To Fix Outlook Flaw
News The View Control is only supposed to allow users to view messages or calendar entries, but an attacker need only entice a user into visiting a specially coded Web page in order to run the code to exploit the flaw, according to a bulletin released...
[July 18, 2001, 15:59]
Underground Homes In On Microsoft Server Flaw
News It's not known how long this new Web server flaw has been known in the underground, but the problem was being discussed openly on a hacker bulletin board for at least a week. The first mention of a problem came 10 October, when an anonymous poster...
[October 18, 2000, 12:32]
Microsoft Patches 'important' XP, Windows Server 2003 Flaw
News The patch is posted to the company's security Web site, as is a bulletin outlining the flaw. The bulletin was released as part of Microsoft's regularly scheduled monthly security update, according to Stephen Toulouse, a security programme manager...
[May 12, 2004, 8:35]
Microsoft Patches New Security Flaws
News A second bulletin, rated "moderate", addresses a vulnerability in Windows Media Services that, if exploited, could result in a denial-of-service attack. As for Microsoft's second bulletin, which addresses Windows Media Services, a flaw in one of...
[May 29, 2003, 7:47]
'Critical' Windows Fix Rushed Out
News An attacker could exploit the vulnerability by constructing a specially crafted Web page or HTML email that could potentially allow remote code execution if a user visited the Web page or viewed the message," Microsoft said in security bulletin...
[September 27, 2006, 10:05]
Microsoft Issues Alert On Three 'critical' Flaws
News The Internet Explorer bulletin is rated as 'critical' across all platforms except Windows 2003," Toulouse said. Users who don't patch their systems could leave the computers open to attack through a fake Web page or an HTML email that contains the...
[August 21, 2003, 8:45]
Major Windows Flaw Patched
News A remote code execution vulnerability exists in the way that Web View in Windows Explorer handles certain HTML characters in preview fields," Microsoft said in its bulletin. The monthly security bulletin addresses a vulnerability found in Windows...
[May 11, 2005, 9:35]
Microsoft's Gopher Hole Deepens
News If a user were prevented by security policies from deleting files or changing security settings, the attacker's code would also be prevented from those actions," the bulletin states. The problem results from an "unchecked buffer in the code which...
[June 13, 2002, 9:08]
Microsoft Launches Critical IE Patches
News In all instances, an attacker would have to create a malicious Web site and trick people into visiting that site to hook into a PC, Microsoft said in its Security Bulletin MS06-013. According to Microsoft's bulletin, three of the ten...
[April 12, 2006, 9:20]
Coding Error Thwarts Paralympic Phishing Scam
Talkback If you don't have Microsoft Security Bulletin MS04/004 installed, the specially formed linked will load the phishers site, but the address bar will say the Paralympic site's address. Text below from: http://www.microsoft.com/technet/security...
[June 3, 2004, 5:15]
Microsoft: Patch Now Or Turn Off Bluetooth
News The Bluetooth stack flaw, detailed in Microsoft bulletin CVE-2008-1453 and rated 'critical', could allow an attacker to take complete control of an affected system, install programs, alter data or create new accounts with full user rights.
[June 11, 2008, 12:34]
Microsoft Patches Two DRM Holes
News The Japanese hack emerged several weeks ago, when programmers on a public online bulletin board were found to be discussing ways to strip the copy protection off Windows Media files. The process exploited a feature of the Media Player content...
[February 17, 2005, 8:55]
'BubbleBoy' Virus Breaks New Ground
News Last month, researchers at the Virus Bulletin conference in Vancouver speculated that something like BubbleBoy could be created. In a security bulletin dated August 31, Microsoft posted a patch that eliminates the security vulnerabilities in two...
[November 10, 1999, 8:12]
