Defense-in-depth

BlueHat Security Forum: Buenos Aires Edition–Shipping!

Handle:Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns I’m here at the second edition of the BlueHat Security Forum, this time in Buenos Aires. So far it is shaping up to …

BlueHat Security Forum: Buenos Aires Edition–Shipping! Read More »

BlueHat Security Forum: Buenos Aires Edition

Handle:C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! Hey Everyone! What speaks English, Portuguese and Spanish, has a hundred set of eyes, and battles in the defense of good against evil on a daily basis? …

BlueHat Security Forum: Buenos Aires Edition Read More »

MS10-007: Additional information and recommendations for developers

Today we are releasing MS10-007 to address a URL validation issue generally applicable to the ShellExecute API. How would a malicious user leverage this vulnerability? This issue involves how ShellExecute handles strings that appear to be legitimate URLs, but are malformed such that they result in execution of arbitrary code. Various technologies use ShellExecute to …

MS10-007: Additional information and recommendations for developers Read More »

Out-of-Band Security Bulletin Webcast Q&A – January 21, 2010

  Hosts:             Adrian Stone, Senior Security Program Manager Lead                           Jerry Bryant, Senior Security Communications Manager Lead Website:       TechNet/security Chat Topic:    January 2010 Out-of-Band Security BulletinDate:               Thursday, January 21,  2010   Q: I understand the severity for workstaitons. Is the severity lower for servers in terms of this vulnerability, since most servers (except Terminal Servers) …

Out-of-Band Security Bulletin Webcast Q&A – January 21, 2010 Read More »

Security Advisory 979352 Released

Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks.  Today, Microsoft issued guidance to help customers mitigate a Remote Code Execution (RCE) vulnerability in Internet Explorer.  Additionally, we are cooperating with Google and other companies, as …

Security Advisory 979352 Released Read More »

December 2009 Security Bulletin Release

Summary of Microsoft’s Security Bulletin Release for December 2009 As noted in our Advance Notification (ANS) last Thursday, for the December bulletin release we issued six security bulletins addressing 12 vulnerabilities. Affected products include Windows, Internet Explorer (IE) and Microsoft Office products. In the ANS, we also noted that the bulletin for IE (MS09-072) is …

December 2009 Security Bulletin Release Read More »

SEHOP per-process opt-in support in Windows 7

In a previous blog post we discussed the technical details of Structured Exception Handler Overwrite Protection (SEHOP) which is an exploit mitigation feature that was first introduced in Windows Vista SP1 and Windows Server 2008 RTM. SEHOP prevents attackers from being able to use the Structured Exception Handler (SEH) overwrite exploitation technique when attempting to …

SEHOP per-process opt-in support in Windows 7 Read More »

New attack surface reduction feature in GDI+

MS09-062 fixes several vulnerabilities in GDI+ related to image parsing. It also includes a feature which allows administrators to disable parsing for each of the different image formats. This feature was publicly released early this year in an optional GDI+ update available on the Microsoft Download Center, but is now being release as part of …

New attack surface reduction feature in GDI+ Read More »

Assessing the risk of the September Critical security bulletins

This morning we released five security bulletins, all of them having a bulletin maximum severity rating of Critical and two having a bulletin maximum exploitability index rating of “1” (Consistent exploit code likely). We wanted to just say a few words about each bulletin to help you prioritize your deployment this month. The following table …

Assessing the risk of the September Critical security bulletins Read More »

August 2009 Bulletin Release

Summary of Microsoft’s Security Bulletin Release for August 2009 Hi everyone, This month, we released nine security bulletins. Five of those are rated Critical and four have an aggregate severity rating of Important. Of the nine updates, eight affect Windows and the last one affects Office Web Components (OWC). It is also important to note …

August 2009 Bulletin Release Read More »