Tag Archive
Community-Based Defense: Looking Outward, Moving Forward
Two years ago, in front of a standing-room only crowd here at Black Hat, we introduced three new information sharing programs as well as the concept of Community-Based Defense. The underlying concept shared by all three programs was simple-collaboration will be key to preventing and defending against online crime going forward; no one company,... »
Windows Help Vulnerability Disclosure
Hello, We are aware of a publicly disclosed vulnerability affecting Windows XP and Windows Server 2003. We are not aware of any current exploitation of this issue and customers running Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not vulnerable to this issue, or at risk of attack. This issue... »
Security Advisory 2028859 Released
Hello all. As we start the week we’re investigating a publicly reported vulnerability in the Windows Canonical Display Driver (cdd.dll) and have released Security Advisory 2028859 to describe our findings. We’re not aware of any current customer impact as a result of the issue. The Canonical Display Driver is used by desktop composition to blend... »
Security Advisory 983438 Released
Hello. Today we released Security Advisory 983438, addressing a cross-site scripting (XSS) vulnerability in SharePoint Server 2007 and SharePoint Services 3.0 that could allow Elevation of Privilege (EoP) within the SharePoint site itself. Servers are at reduced risk from Internet Explorer 8 clients, as the Internet Explorer 8 XSS filter helps to mitigate the... »
Microsoft Security Advisory 975191 Revised
Hi Everyone, Today we updated Security Advisory 975191 as we are now seeing limited attacks. Additionally, a new proof of concept published allowing for Denial of Service (DoS) attacks on Windows XP and Windows Server 2003 with read access to the File Transfer Protocol (FTP) service. This does not require Write access. Also, a new POC... »
Microsoft Security Advisory 975191 Released
Hi Everyone, This is Alan Wallace, senior communications manager for our security response communications team. Today, Microsoft released Security Advisory 975191, to provide customer guidance and protection from a vulnerability that could allow remote code execution on affected systems running the FTP service in Microsoft Internet Information Services (IIS) 5.0, 5.1 and 6.0, and connected... »
Microsoft Security Advisory 973472 Released
Hi Everyone, This is Dave Forstrom, group manager for our security response communications team. We have just posted Microsoft Security Advisory 973472, which highlights a vulnerability in Microsoft Office Web Components. Specifically, the vulnerability exists in the Spreadsheet ActiveX control and while we’ve only seen limited attacks, if exploited successfully, an attacker could gain the... »
Microsoft Security Advisory 972890 Released
I wanted to let you know that we have just posted Microsoft Security Advisory 972890 that discusses new, limited attacks against a Microsoft Video ActiveX Control affecting Windows XP and Windows Server 2003. Specifically, we’re aware of a code execution vulnerability within this control that can enable an attacker to run code as the logged-on... »
![[Google]]( http://www.ccnetworking.com/wordpress/wp-content/plugins/easy-adsenser/google-light.gif)