rating

Assessing risk for the March 2013 security updates

Today we released seven security bulletins addressing 20 CVE’s. Four of the bulletins have a maximum severity rating of Critical, and three have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity …

Assessing risk for the March 2013 security updates Read More »

Assessing risk for the February 2013 security updates

Today we released twelve security bulletins addressing 57 CVE’s. Five of the bulletins have a maximum severity rating of Critical, and seven have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity …

Assessing risk for the February 2013 security updates Read More »

Assessing risk for the January 2013 security updates

Today we released seven security bulletins addressing 12 CVE’s. Two of the bulletins have a maximum severity rating of Critical, and five have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity …

Assessing risk for the January 2013 security updates Read More »

Assessing risk for the November 2012 security updates

Today we released six security bulletins addressing 19 CVE’s. Four of the bulletins have a maximum severity rating of Critical, one has a maximum severity rating of Important, and one has a maximum severity rating of Moderate. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. …

Assessing risk for the November 2012 security updates Read More »

Assessing risk for the October 2012 security updates

Today we released seven security bulletins addressing 20 CVEs (7 Microsoft and 13 Oracle CVE’s). Only one of the bulletins is rated Critical. The other six have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack …

Assessing risk for the October 2012 security updates Read More »

MS12-054: Not all remote, pre-auth vulnerabilities are equally appetizing for worms..

We released security update MS12-054 to address four privately reported issues in Windows networking components failing to properly handle malformed Remote Administration Protocol (RAP) responses. The most severe of these issues, CVE-2012-1851, is a format string vulnerability in the printer spooler service while handling a response message and is a wormable-class vulnerability on Windows XP …

MS12-054: Not all remote, pre-auth vulnerabilities are equally appetizing for worms.. Read More »

Assessing risk for the August 2012 security updates

Today we released nine security bulletins addressing 26 CVE’s (13 Microsoft and 13 Oracle CVE’s). Five of the bulletins have a maximum severity rating of Critical and the other four have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. …

Assessing risk for the August 2012 security updates Read More »

Assessing risk for the June 2012 security updates

Today we released seven security bulletins. Three have a maximum severity rating of Critical and the other four have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Index Likely …

Assessing risk for the June 2012 security updates Read More »

Assessing risk for the February 2012 security updates

Today we released nine security bulletins. Four have a maximum severity rating of Critical with the other five having a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first …

Assessing risk for the February 2012 security updates Read More »

More information on MS12-004

This month we released MS12-004 to address CVE-2012-0003 and CVE-2012-0004. CVE-2012-0003 The most severe of these vulnerabilities is CVE-2012-0003 which is a Critical, Remote Code Execution vulnerability. This CVE affects all editions of Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008. Windows 7 is not affected by this vulnerability. An effective workaround …

More information on MS12-004 Read More »