Microsoft has released Security Bulletin MS10-002 as a Cumulative Security Update for Internet Explorer. This update addresses multiple vulnerabilities that when exploited, may allow an attacker to execute arbitrary code.
DarkFiber Consulting encourages users and administrators to review Microsoft Security Bulletin MS10-002 and apply any necessary updates to help mitigate the risks.
Microsoft has released Security Advisory 979352 to alert users of a vulnerability in Microsoft Internet Explorer. The advisory indicates that exploitation of this vulnerability may allow an attacker to execute arbitrary code. Microsoft also indicates that it is aware of public, active exploitation of this vulnerability.
DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 979352 and apply the suggested workaround of setting the Internet zone security setting to High to help mitigate the risks.
Additional information about this vulnerability can be found in Vulnerability Note VU#492515.
Microsoft has issued a Security Bulletin Advance Notification indicating that its December release cycle will contain six bulletins, three of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Microsoft Office, and Internet Explorer. There will also be three important bulletins for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, December 8.
DarkFiber Consulting will provide additional information as it becomes available.
Microsoft has released security advisory 977981 to address a vulnerability in Microsoft Internet Explorer. This vulnerability may allow an attacker to execute arbitrary code.
DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 977981 and implement the suggested workarounds listed in the advisory to help mitigate the risks.
Microsoft has issued a Security Bulletin Advance Notification indicating that its October release cycle will contain thirteen bulletins, eight of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Internet Explorer, Office, Silverlight, SQL Server, Developer Tools, and Forefront. There will also be five important bulletins for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, October 13.
DarkFiber Consulting will provide additional information as it becomes available.
Microsoft has released an update to address vulnerabilities in Microsoft Windows, Silverlight, Internet Explorer, .NET Framework, Office, SQL Server, Developer Tools, and Forefront as part of the Microsoft Security Bulletin Summary for October 2009. These vulnerabilities may allow an attacker to execute arbitrary code, operate with escalated privileges, cause a denial-of-service condition, or spoof an end user or website.
DarkFiber Consulting encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.
Microsoft has released two out-of-band security bulletins. The first bulletin, MS09-034, is a cumulative security update for Internet Explorer that addresses several vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code. The second bulletin, MS09-035, addresses vulnerabilities in the Visual Studio Active Template Library (ATL). Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.
Additionally, Microsoft has released security advisory 973882 to provide specific guidance for developers, IT professionals, consumers, and home users regarding the vulnerabilities in Active Template Library (ATL).
DarkFiber Consulting encourages users and administrators to review Microsoft Security Bulletins MS09-034 and MS09-035 and Microsoft Security Advisory 973882 and apply any necessary updates or workarounds to help mitigate the risks. Additional information can be found in Technical Cyber Security Alert TA09-209A.
Microsoft has issued a Security Bulletin Advance Notification indicating that it will be releasing two out-of-band security bulletins. The first bulletin will address issues with Internet Explorer and has the severity rating of critical. The second bulletin will address issues with Visual Studio and has the severity rating of moderate. The notification states that release of these bulletins is scheduled for July 28, 2009.
DarkFiber Consulting will provide additional information as it becomes available.
Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for June 2009. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, or obtain sensitive information.
DarkFiber Consulting encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied. Additional information regarding these vulnerabilities can be found in Technical Cyber Security Alert TA09-160A.
Microsoft has released Security Bulletin MS08-078 to address a vulnerability in Internet Explorer. This vulnerability is due to an invalid pointer reference in the data binding function. By convincing a user to view a specially crafted document that performs data binding (e.g., a web page, email message, or attachment), a remote, unauthenticated attacker may be able to execute arbitrary code.
DarkFiber Consulting encourages users to review Microsoft Security Bulletin MS08-078 and apply the update or workarounds listed in the bulletin to help mitigate the risks. Users may also want to consider implementing the best security practices listed in the Securing Your Web Browser document to strengthen their web browsers against future vulnerabilities.
Additional information regarding this vulnerability can be found in the Vulnerability Notes Database.