Zero-Day Exploit – Page 2 – Microsoft Security Response Center

Microsoft “Fix it” available to mitigate Internet Explorer 8 vulnerability

Security Research & Defense / By swiat / May 8, 2013 June 20, 2019

Today, we are making available a “Microsoft Fix it” solution to block attacks leveraging the Internet Explorer 8 (IE8) vulnerability described in Security Advisory 2847140. This code-signed, easily downloadable and install-able Fix it package uses the Windows application compatibility toolkit to make a small change at runtime to mshtml.dll every time IE is loaded. Here …

Microsoft “Fix it” available to mitigate Internet Explorer 8 vulnerability Read More »

Microsoft Releases Security Advisory 2794220

MSRC / By msrc / December 29, 2012 June 20, 2019

Today, we released Security Advisory 2794220 regarding an issue that impacts Internet Explorer 6, 7, and 8. We are only aware of a very small number of targeted attacks at this time. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occur by an …

Microsoft Releases Security Advisory 2794220 Read More »

New vulnerability affecting Internet Explorer 8 users

Security Research & Defense / By swiat / December 29, 2012 June 20, 2019

Today, the MSRC released Security Advisory 2794220 alerting customers to limited, targeted attacks affecting customers using Internet Explorer 6, 7, and 8. Internet Explorer 9 and Internet Explorer 10 users are safe. More information about the vulnerability and exploit In this particular vulnerability, IE attempts to reference and use an object that had previously been …

New vulnerability affecting Internet Explorer 8 users Read More »

New version of EMET is now available

Security Research & Defense / By swiat / May 18, 2011 June 20, 2019

Today we are pleased to announce a new version of the Enhanced Mitigation Experience Toolkit (EMET) with brand new features and mitigations. Users can click here to download the tool free of charge. The Enhanced Mitigation Experience Toolkit enables and implements different techniques to make successful attacks on your system more difficult. EMET is designed …

New version of EMET is now available Read More »

Microsoft Releases Security Advisory 2458511

MSRC / By msrc / November 2, 2010 June 20, 2019

Hi everyone, Today we released Security Advisory 2458511 to address a new vulnerability that could impact Internet Explorer users if they visit a website hosting malicious code. As of now, the impact of this vulnerability is extremely limited and we are not aware of any affected customers. The exploit code was discovered on a single …

Microsoft Releases Security Advisory 2458511 Read More »

Coordinated Vulnerability Disclosure: Bringing Balance to the Force

BlueHat / By bluehat / July 22, 2010 June 20, 2019

Today on the MSRC blog, Matt Thomlinson, General Manager of Trustworthy Computing Security, announced our new philosophy on Coordinated Vulnerability Disclosure. I wanted to provide some context and history on how this came about. This post is about changing the way we at Microsoft talk about some familiar disclosure concepts, and is meant as an introduction …

Coordinated Vulnerability Disclosure: Bringing Balance to the Force Read More »

Security Advisory 2286198 Updated

MSRC / By msrc / July 20, 2010 June 20, 2019

We’ve just updated Microsoft Security Advisory 2286198 to let customers know that we now have an automated “Fix It” available to implement the workaround we first outlined in our original posting on Friday, July 16, 2010. More information is available in the KB article 2286198, but in summary running the “Fix It” can help prevent …

Security Advisory 2286198 Updated Read More »

July 2010 Security Bulletin Release

MSRC / By msrc / July 13, 2010 June 20, 2019

Hi everyone. As part of our usual monthly update cycle, today Microsoft is releasing four security bulletins to address five vulnerabilities in Windows and Microsoft Office. MS10-042 resolves a publicly disclosed and actively exploited vulnerability discussed in Security Advisory 2219475. The update addresses an issue in the Windows Help and Support Center feature included in …

July 2010 Security Bulletin Release Read More »

Help and Support Center vulnerability full-disclosure posting

Security Research & Defense / By swiat / June 10, 2010 June 20, 2019

Yesterday evening, one of Google’s security researchers publicly released vulnerability details and a working exploit for an unpatched vulnerability in Windows XP and Windows Server 2003. This afternoon, we’ve released security advisory 2219475 with official guidance. We’d like to use this blog entry to share more details about the issue and ways you can protect …

Help and Support Center vulnerability full-disclosure posting Read More »

Security Advisory 2219475 Released

MSRC / By msrc / June 10, 2010 June 20, 2019

Hello – We have released Security Advisory 2219475, addressing the vulnerability in the Windows Help and Support Center function in Windows XP and Windows Server 2003. We are not aware of any active attacks at this time. Customers running Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2 are not vulnerable to …

Security Advisory 2219475 Released Read More »