DarkFiber Consulting – IT Managed Services

Microsoft Releases October Security Bulletin

October 23rd, 2010 . by DarkFiber Consulting

Microsoft has released updates to address vulnerabilities in Microsoft Windows, .NET Framework, Server Software, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for October 2010. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, operate with elevated privileges, cause a denial-of-service condition, or tamper with data.

DarkFiber Consulting encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

Microsoft Releases Advance Notification for October Security Bulletin

October 23rd, 2010 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that its October release will contain sixteen bulletins. Four bulletins will have the severity rating of critical and will be for Microsoft Windows and Internet Explorer. Ten bulletins will have the severity rating of important and will be for Microsoft Server Software, Windows, and Office. The remaining two bulletins will have the severity rating of moderate and will be for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, October 12, 2010.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Advance Notification for August Security Bulletin

August 6th, 2010 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that its August release will contain 14 bulletins. Eight bulletins will have the severity rating of critical and will be for Microsoft Windows, Internet Explorer, Office, and Silverlight. The remaining six bulletins will have the severity rating of important and will be for Microsoft Windows and Office. Release of these bulletins is scheduled for Tuesday, August 10, 2010.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Out-of-Band Security Bulletin to Address Shortcut Vulnerability

August 6th, 2010 . by DarkFiber Consulting

Microsoft has released security bulletin MS10-046 to address a critical vulnerability affecting Microsoft Windows. This vulnerability is due to the failure of Microsoft Windows to properly obtain icons for shortcut files. By convincing a user to display a specially crafted shortcut file, a remote attacker may be able to execute arbitrary code.

DarkFiber Consulting strongly encourages users and administrators to review Microsoft security bulletin MS10-046 and apply any necessary updates to mitigate the risks.

Additional information regarding this vulnerability can be found in the following:

Microsoft Windows Help and Support Center Vulnerability

June 23rd, 2010 . by DarkFiber Consulting

DarkFiber Consulting is aware of a vulnerability affecting the Mircosoft Windows Help and Support Center. This vulnerability is due to improper sanitization of hcp:// URIs. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands.

DarkFiber Consulting encourages users and administrators to review Vulnerability Note VU#578319 and implement the workarounds to help mitigate the risks and reduce attack vectors.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases June Security Bulletin

June 23rd, 2010 . by DarkFiber Consulting

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, SharePoint, and .NET Framework as part of the Microsoft Security Bulletin Summary for June 2010. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges.

DarkFiber Consulting encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

Microsoft Releases February Security Bulletin

March 1st, 2010 . by DarkFiber Consulting

Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for February 2010. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with elevated privileges.

DarkFiber Consulting encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

Microsoft Releases Advance Notification for February Security Bulletin

March 1st, 2010 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification, indicating that its February release cycle will contain 13 bulletins. Five of them will have a severity rating of Critical and will be for Microsoft Windows. The remaining eight bulletins have an Important rating and are for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, February 9, 2010.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Cumulative Security Update for Internet Explorer

January 27th, 2010 . by DarkFiber Consulting

Microsoft has released Security Bulletin MS10-002 as a Cumulative Security Update for Internet Explorer. This update addresses multiple vulnerabilities that when exploited, may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to review Microsoft Security Bulletin MS10-002 and apply any necessary updates to help mitigate the risks.

Microsoft Releases Security Advisory 979352

January 27th, 2010 . by DarkFiber Consulting

Microsoft has released Security Advisory 979352 to alert users of a vulnerability in Microsoft Internet Explorer. The advisory indicates that exploitation of this vulnerability may allow an attacker to execute arbitrary code. Microsoft also indicates that it is aware of public, active exploitation of this vulnerability.

DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 979352 and apply the suggested workaround of setting the Internet zone security setting to High to help mitigate the risks.

Additional information about this vulnerability can be found in Vulnerability Note VU#492515.

« Previous Entries