Microsoft Office

Coming together to address Encapsulated PostScript (EPS) attacks

Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the attacks described below. As a best practice to ensure customers …

Coming together to address Encapsulated PostScript (EPS) attacks Read More »

February 2015 Updates

Today, as part of Update Tuesday, we released nine security bulletins – three rated Critical and six rated Important in severity, to address 56 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software.  We encourage you to apply all of these updates. For more information about this …

February 2015 Updates Read More »

November 2014 Updates

Today, as part of Update Tuesday, we released 14 security updates – four rated Critical, nine rated Important, and two rated Moderate, to address 33 Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office, .NET Framework, Internet Information Services (IIS), Remote Desktop Protocol (RDP), Active Directory Federation Services (ADFS), Input Method Editor …

November 2014 Updates Read More »

Advance Notification Service for the November 2014 Security Bulletin Release

Today, we provide advance notification for the release of 16 Security Bulletins. Five of these updates are rated Critical, nine are rated as Important, and two are rated Moderate in severity. These updates are for Microsoft Windows, Internet Explorer, Office, Exchange, .NET Framework, Internet Information Services (IIS), Remote Desktop Protocol (RDP), Active Directory Federation Services …

Advance Notification Service for the November 2014 Security Bulletin Release Read More »

Security Advisory 3010060 released

Today, we released Security Advisory 3010060 to provide additional protections regarding limited, targeted attacks directed at Microsoft Windows customers. A cyberattacker could cause remote code execution if someone is tricked into opening a maliciously-crafted PowerPoint document that contains an infected Object Linking and Embedding (OLE) file. As part of this Security Advisory, we have included an easy, …

Security Advisory 3010060 released Read More »

Theoretical Thinking and the June 2014 Bulletin Release

As security professionals, we are trained to think in worst-case scenarios.  We run through the land of the theoretical, chasing “what if” scenarios as though they are lightning bugs to be gathered and stashed in a glass jar.  Most of time, this type of thinking is absolutely the correct thing for security professionals to do. …

Theoretical Thinking and the June 2014 Bulletin Release Read More »

The May 2014 Security Updates

Today, we released eight security bulletins – two rated Critical and six rated Important – to address 13 Common Vulnerability & Exposures (CVEs) in .NET Framework, Office, SharePoint, Internet Explorer, and Windows. We encourage you to apply all of these updates, but for those who need to prioritize their deployment planning, we recommend focusing on …

The May 2014 Security Updates Read More »

Advance Notification Service for the May 2014 Security Bulletin Release

Today we provide Advance Notification Service (ANS) for the release of eight bulletins, two rated Critical and six rated Important in severity. These updates will address vulnerabilities for .NET Framework, Office, Internet Explorer, and Windows. As we do every month, we’ve scheduled the security bulletin release for the second Tuesday of the month, May 13, …

Advance Notification Service for the May 2014 Security Bulletin Release Read More »