network protocol

MS11-053: Vulnerability in the Bluetooth stack could allow remote code execution

The single Critical vulnerability in today’s batch of security updates addresses an issue in the Bluetooth stack. Your workstations’ risk to this vulnerability varies, depending on a number of factors. I’d like to use this blog post to outline those risk factors. How can I protect my system? The best way to protect any potentially …

MS11-053: Vulnerability in the Bluetooth stack could allow remote code execution Read More »

MS11-019 and MS11-020: April SMB Updates

This month we released updates for the SMB client and server components (MS11-019 and MS11-020 respectively). These bulletins address three externally-reported issues, but also include fixes for several issues that Microsoft identified internally. This blog post provides background on these issues and the work done internally at Microsoft to improve SMB security. Finding and issuing …

MS11-019 and MS11-020: April SMB Updates Read More »

Notes on exploitability of the recent Windows BROWSER protocol issue

Earlier this week a PoC exploit for a vulnerability in the BROWSER protocol was released on Full Disclosure. There has been some discussion regarding whether this issue can result in Remote Code Execution (RCE) or is only a Denial of Service (DoS). This blog post provides details on the exploitability based on our internal analysis. …

Notes on exploitability of the recent Windows BROWSER protocol issue Read More »

MS10-061: Printer Spooler Vulnerability

This morning we released security bulletin MS10-061 to address an issue in the Windows print spooler. In this blog post, we’d like to provide additional detail about the specific configurations of Windows that are vulnerable to this issue and more background on its connection to the Stuxnet malware. Vulnerable configurations Depending on the configuration, the …

MS10-061: Printer Spooler Vulnerability Read More »

MS10-065: Exploitability of the IIS FastCGI request header vulnerability

This month, Microsoft released an update for IIS that addresses three vulnerabilities. The blog post focuses on one of these: the Request Header Buffer Overflow Vulnerability (CVE-2010-2730), which affects IIS version 7.5 and has a maximum security impact of Remote Code Execution (RCE). Below we provide more details on the vulnerability and the potential for …

MS10-065: Exploitability of the IIS FastCGI request header vulnerability Read More »

MS10-054: Exploitability Details for the SMB Server Update

This month Microsoft released an update for Windows to address three vulnerabilities in the SMB Server component. Two of the vulnerabilities are remote denial-of-service (DoS) attacks, while one (CVE-2010-2550) has the potential for remote code execution (RCE). This blog post provides more details on the exploitability of CVE-2010-2550, and outlines why the risk of reliable …

MS10-054: Exploitability Details for the SMB Server Update Read More »

MS10-030: Malicious Mail server vulnerability

Today we released the fix for CVE-2010-0816 in MS10-030. This vulnerability affects Outlook Express, Windows Mail, and Windows Live Mail. We recommend that you install the update as soon as possible, but realize that some customers may need to prioritize which updates they install first. While the vulnerability is rated critical, many customers may not …

MS10-030: Malicious Mail server vulnerability Read More »

MS10-020: SMB Client Update

Today Microsoft released MS10-020, which addresses several vulnerabilities in the Windows SMB client. This blog post provides additional details to help prioritize installation of the update, and understand the attack vectors and mitigations that apply. Client-side vulnerabilities The first thing to realize is that this update addresses vulnerabilities in the SMB client in Windows. Typically, machines …

MS10-020: SMB Client Update Read More »

MS10-006 and MS10-012: SMB security bulletins

Today we released two bulletins to address vulnerabilities in SMB. MS10-006 addresses two vulnerabilities in the SMBv1 client implementation, and MS10-012 addresses four vulnerabilities in the SMB server implementation. In this blog entry, we want to help you understand the vulnerabilities and better prioritize the updates. What are the SMB server vulnerabilities and how could …

MS10-006 and MS10-012: SMB security bulletins Read More »

Details on the New TLS Advisory

Security Advisory 977377: Vulnerability in TLS Could Allow Spoofing In August of 2009, researchers at PhoneFactor discovered a vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. As the issue is present in the actual TLS/SSL-standard, not only our implementation, Microsoft is working together with ICASI, the Industry Consortium for Advancement …

Details on the New TLS Advisory Read More »