Page 12 of 47 FirstFirst ... 2891011121314151622 ... LastLast
Results 111 to 120 of 467

Thread: Microsoft Alerts

  1. #111
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation CVE-2013-3918 Exploit...

    FYI...

    CVE-2013-3918 Exploit...
    - http://www.threattracksecurity.com/i...-3918-exploit/
    Nov 22, 2013 - "... If you haven’t updated your OS yet, -now- is the time to do it... We were able to retrieve a piece of the exploit malware... Here is a malformed HTML website I used to test the exploit on.
    > http://www.threattracksecurity.com/i...4CACC6ED89.jpg
    As you can see, there’s nothing special about it. All one can see is a white page with the text “Hello man” on it. What users don’t know is that infiltration and code execution happens in the background. They don’t see anything happening until it’s already too late..."

    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2013-3918 - 9.3 (HIGH)
    Last revised: 11/15/2013 - "... as exploited in the wild in November 2013, aka 'InformationCardSigninHelper' Vulnerability."

    Microsoft Security Bulletin MS13-090 - Critical
    Cumulative Security Update of ActiveX Kill Bits (2900986)
    - http://technet.microsoft.com/security/bulletin/MS13-090
    ___

    - http://blog.trendmicro.com/trendlabs...light-exploit/
    Nov 25, 2013 - "... independent security researchers found that the Angler Exploit Kit had added Silverlight to their list of targeted software, using CVE-2013-0074. When we analyzed the available exploit, we found that in addition to CVE-2013-0074, a second vulnerability, CVE-2013-3896, in order to bypass ASLR. These vulnerabilities are discussed in two separate Microsoft security bulletins, namely MS13-022 and MS13-087, respectively..."

    Last edited by AplusWebMaster; 2013-11-26 at 10:24.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #112
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Advisory 2914486 - 0-day exploit in wild

    FYI...

    Microsoft Security Advisory (2914486)
    Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege
    - http://technet.microsoft.com/en-us/s...visory/2914486
    November 27, 2013 - "Microsoft is investigating new reports of a vulnerability in a kernel component of Windows XP and Windows Server 2003. We are aware of limited, targeted attacks that attempt to exploit this vulnerability. Our investigation of this vulnerability has verified that it does not affect customers who are using operating systems newer than Windows XP and Windows Server 2003. The vulnerability is an elevation of privilege vulnerability. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. Microsoft is actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers. For information about protections released by MAPP partners, see MAPP Partners with Updated Protections. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs..."

    0 day exploit in wild
    - https://isc.sans.edu/diary.html?storyid=17117
    Last Updated: 2013-11-28 01:05:44 - "... the temporary fix outlined breaks some windows features, specifically some IPSEC VPN functions..."

    - http://www.fireeye.com/blog/technica...-the-wild.html
    November 27, 2013 - "... The exploit targets Adobe Reader 9.5.4, 10.1.6, 11.0.02 and prior on Windows XP SP3. Those running the latest versions of Adobe Reader should not be affected by this exploit..."
    - http://www.adobe.com/support/downloa...atform=Windows

    - https://atlas.arbor.net/briefs/index#-1423916473
    High Severity
    Published: Fri, 06 Dec 2013 00:00:26 +0000
    Public exploit code has been released for CVE-2013-5065, a vulnerability in the Windows Kernel NDPROXY component that allows for privilege escalation attacks.
    Analysis: .... With public exploit code available, the bar has been lowered significantly.
    Source: http://1337day.com/exploits/21615

    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2013-5065 - 7.2 (HIGH)
    Last revised: 11/29/2013 - "... as exploited in the wild in November 2013."

    Last edited by AplusWebMaster; 2013-12-07 at 17:13.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #113
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Post .NET Framework 4.5.1 ...

    FYI...

    .NET Framework 4.5.1
    - http://windowssecrets.com/newsletter...ox-one/#story6
    November 27, 2013 - "Skip this serving of .NET Framework 4.5.1... 2858725..."

    KB 2858725
    - http://support.microsoft.com/kb/2858725
    Last Review: Nov 26, 2013 - Rev 4.0

    How to temporarily block the installation of the .NET Framework 4.5.1 ...
    - http://support.microsoft.com/kb/2721187
    Last Review: Nov 26, 2013 - Rev 3.0
    Applies to:
    • Microsoft .NET Framework 4.5.1, when used with:
    Windows Vista Ultimate
    Windows 7 Ultimate
    Windows Server 2008 Enterprise
    Windows Server 2008 R2 Enterprise
    Windows Server 2012 Standard
    ___

    .NET Framework Cleanup Tool
    - http://blogs.msdn.com/b/astebner/arc...8/8904493.aspx

    Last edited by AplusWebMaster; 2013-11-28 at 19:06.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #114
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Advisory (2916652)

    FYI...

    MS Security Advisory (2916652)
    Improperly Issued Digital Certificates Could Allow Spoofing
    - http://technet.microsoft.com/en-us/s...visory/2916652
    Dec 9, 2013 - "Microsoft is aware of an improperly issued subordinate CA certificate that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The subordinate CA certificate was improperly issued by the Directorate General of the Treasury (DG Trésor), subordinate to the Government of France CA (ANSSI), which is a CA present in the Trusted Root Certification Authorities Store. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue. The improperly issued subordinate CA certificate has been misused to issue SSL certificates for multiple sites, including Google web properties. These SSL certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against several Google web properties. The subordinate CA certificate may also have been used to issue certificates for other, currently unknown sites, which could be subject to similar attacks. To help protect customers from potentially fraudulent use of this digital certificate, Microsoft is updating the Certificate Trust list (CTL) for all supported releases of Microsoft Windows to remove the trust of certificates that are causing this issue. For more information about these certificates, see the Frequently Asked Questions section of this advisory... in addition to addressing the certificates described in this advisory, this update is cumulative and includes digital certificates described in previous advisories..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #115
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Bulletin Summary - December 2013

    FYI...

    - https://technet.microsoft.com/en-us/...letin/ms13-dec
    Dec 10, 2013 - "This bulletin summary lists security bulletins released for December 2013...
    (Total of -11-)

    Microsoft Security Bulletin MS13-096 - Critical
    Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (2908005)
    - https://technet.microsoft.com/en-us/...letin/ms13-096
    Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft Office, Microsoft Lync
    • V1.1 (December 10, 2013): Clarified that users should -undo- the Disable the TIFF Codec workaround* and the Disable data collaboration in Lync workaround after applying the update. See the Update FAQ for more information. Added undo steps to the Disable data collaboration in Lync workaround...
    * https://support.microsoft.com/kb/2908005
    Disable this Fix it - 51005
    • V1.2 (December 20, 2013): Revised the Based on the configuration of my system, how do I know if my system is affected? Update FAQ to include the updates that are applicable for each configuration...

    Microsoft Security Bulletin MS13-097 - Critical
    Cumulative Security Update for Internet Explorer (2898785)
    - https://technet.microsoft.com/en-us/...letin/ms13-097
    Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

    Microsoft Security Bulletin MS13-098 - Critical
    Vulnerability in Windows Could Allow Remote Code Execution (2893294)
    - https://technet.microsoft.com/en-us/...letin/ms13-098
    Critical - Remote Code Execution - Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS13-099 - Critical
    Vulnerability in Microsoft Scripting Runtime Object Library Could Allow Remote Code Execution (2909158)
    - https://technet.microsoft.com/en-us/...letin/ms13-099
    Critical - Remote Code Execution - May require restart - Microsoft Windows

    Microsoft Security Bulletin MS13-105 - Critical
    Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2915705)
    - https://technet.microsoft.com/en-us/...letin/ms13-105
    Critical - Remote Code Execution - Does not require restart - Microsoft Exchange
    • V1.1 (December 10, 2013): Updated the Known Issues entry in the Knowledge Base Article section from "None" to "Yes".

    Microsoft Security Bulletin MS13-100 - Important
    Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2904244)
    - https://technet.microsoft.com/en-us/...letin/ms13-100
    Important - Remote Code Execution - May require restart - Microsoft SharePoint

    Microsoft Security Bulletin MS13-101 - Important
    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2880430)
    - https://technet.microsoft.com/en-us/...letin/ms13-101
    Important - Elevation of Privilege - Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS13-102 - Important
    Vulnerability in LRPC Client Could Allow Elevation of Privilege (2898715)
    - https://technet.microsoft.com/en-us/...letin/ms13-102
    Important - Elevation of Privilege - Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS13-103 - Important
    Vulnerability in ASP.NET SignalR Could Allow Elevation of Privilege (2905244)
    - https://technet.microsoft.com/en-us/...letin/ms13-103
    Important - Elevation of Privilege - Does not require restart - Microsoft Developer Tools

    Microsoft Security Bulletin MS13-104 - Important
    Vulnerability in Microsoft Office Could Allow Information Disclosure (2909976)
    - https://technet.microsoft.com/en-us/...letin/ms13-104
    Important - Information Disclosure - May require restart - Microsoft Office

    Microsoft Security Bulletin MS13-106 - Important
    Vulnerability in a Microsoft Office Shared Component Could Allow Security Feature Bypass
    - https://technet.microsoft.com/en-us/...letin/ms13-106
    Important - Security Feature Bypass - May require restart - Microsoft Office
    ___

    - http://blogs.technet.com/b/msrc/arch...edirected=true

    Deployment Priority
    - https://blogs.technet.com/cfs-filesy...2D00_550x0.jpg

    - http://blogs.technet.com/b/srd/archi...y-updates.aspx
    "... we released eleven security bulletins addressing 24 CVE’s..."
    ___

    December 2013 Office Update Release
    - http://blogs.technet.com/b/office_su...e-release.aspx
    9 Dec 2013 - "... There are 12 security updates (4 bulletins) and 43 non-security updates..."
    (More detail at the URL above.)
    ___

    - https://secunia.com/advisories/55584/ - MS13-096
    - https://secunia.com/advisories/55967/ - MS13-097
    - https://secunia.com/advisories/55971/ - MS13-098
    - https://secunia.com/advisories/55981/ - MS13-099
    - https://secunia.com/advisories/55985/ - MS13-100
    - https://secunia.com/advisories/55986/ - MS13-101
    - https://secunia.com/advisories/55988/ - MS13-102
    - https://secunia.com/advisories/55991/ - MS13-103
    - https://secunia.com/advisories/56007/ - MS13-103
    - https://secunia.com/advisories/55997/ - MS13-104
    - https://secunia.com/advisories/55998/ - MS13-105
    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2013-5057 - MS13-106
    ___

    ISC Analysis
    - https://isc.sans.edu/diary.html?storyid=17198
    Last Updated: 2013-12-10 20:39:23 UTC
    ___

    0-Day Fixes From Adobe, Microsoft
    - http://krebsonsecurity.com/2013/12/z...obe-microsoft/
    Dec 10, 2013

    .
    Last edited by AplusWebMaster; 2013-12-26 at 07:42.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #116
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Advisories - 12.10.2013

    FYI...

    Microsoft Security Advisory (2915720)
    Changes in Windows Authenticode Signature Verification
    - http://technet.microsoft.com/en-us/s...visory/2915720
    Dec 10, 2013 - "Microsoft is announcing the availability of an update for all supported releases of Windows to change how signatures are verified for binaries signed with the Windows Authenticode signature format. The change is included with Security Bulletin MS13-098, but will not be enabled until June 10, 2014. Once enabled, the new default behavior for Windows Authenticode signature verification will no longer allow extraneous information in the WIN_CERTIFICATE structure. Note that after June 10, 2014, Windows will no longer recognize non-compliant binaries as signed... see the Suggested Actions section of this advisory for more information..."

    Microsoft Security Advisory (2905247)
    Insecure ASP.NET Site Configuration Could Allow Elevation of Privilege
    - http://technet.microsoft.com/en-us/s...visory/2905247
    Dec 10, 2013 - "Microsoft is announcing the availability of an update for Microsoft ASP.NET to address a vulnerability in ASP.NET view state that exists when Machine Authentication Code (MAC) validation is disabled through configuration settings. The vulnerability could allow elevation of privilege and affects all supported versions of Microsoft .NET Framework except .NET Framework 3.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1. Any ASP.NET site for which view state MAC has become disabled through configuration settings is vulnerable to attack. An attacker who successfully exploited the vulnerability could use specially crafted HTTP content to inject code to be run in the context of the service account on the ASP.NET server. Microsoft is aware of general information available publicly that could be used to exploit this vulnerability, but is not aware of any active attacks... see the Suggested Actions section of this advisory for more information..."

    Microsoft Security Advisory (2896666)
    Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution
    - http://technet.microsoft.com/en-us/s...visory/2896666
    Updated: Dec 10, 2013 - "... We have issued MS13-096* to address the Microsoft Graphics Component Memory Corruption Vulnerability (CVE-2013-3906). For more information about this issue, including download links for an available security update, please review MS13-096..."
    * https://technet.microsoft.com/en-us/...letin/ms13-096

    Microsoft Security Advisory (2871690)
    Update to Revoke Non-compliant UEFI Modules
    - http://technet.microsoft.com/en-us/s...visory/2871690
    Dec 10, 2013 - "Microsoft is announcing the availability of an update for Windows 8 and Windows Server 2012 that revokes the digital signatures for nine private, third-party UEFI (Unified Extensible Firmware Interface) modules that could be loaded during UEFI Secure Boot. When the update is applied, the affected UEFI modules will no longer be trusted and will no longer load on systems where UEFI Secure Boot is enabled. The affected UEFI modules consist of specific Microsoft-signed modules that are either not in compliance with our certification program or their authors have requested that the packages be revoked. At the time of this release, these UEFI modules are not known to be available publicly. Microsoft is not aware of any misuse of the affected UEFI modules. Microsoft is proactively revoking these non-compliant modules as part of ongoing efforts to protect customers. This action only affects systems running Windows 8 and Windows Server 2012 that are capable of UEFI Secure Boot where the system is configured to boot via UEFI and Secure Boot is enabled. There is no action on systems that do not support UEFI Secure Boot or where it is disabled... Microsoft Knowledge Base Article 2871690* documents the currently known issues that customers may experience when installing this update. The article also documents recommended solutions for these issues..."
    * https://support.microsoft.com/kb/2871690

    Microsoft Security Advisory (2755801)
    Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
    - http://technet.microsoft.com/en-us/s...visory/2755801
    Dec 10, 2013 - "Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10 and Internet Explorer 11... Microsoft recommends that customers apply the current update immediately using update management software, or by checking for updates using the Microsoft Update service. Since the update is cumulative, only the current update will be offered. Customers do not need to install previous updates as a prerequisite for installing the current update..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #117
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Advisory 2916652 - V2.0 ...

    FYI...

    Microsoft Security Advisory (2916652)
    Improperly Issued Digital Certificates Could Allow Spoofing
    - http://technet.microsoft.com/en-us/s...visory/2916652
    • V2.0 (December 12, 2013): Advisory revised to announce the availability of the 2917500 update for customers running Windows XP or Windows Server 2003, or for customers who choose not to install the automatic updater of revoked certificates. The 2917500 update* is available via the Microsoft Update service and from the download center. For more information, see the Suggested Actions section of this advisory.
    * http://support.microsoft.com/kb/2917500
    Last Review: December 12, 2013

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #118
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Office 2010 SP2 ...

    FYI...

    Event ID 27, "Calendar Folder property is missing," after you apply
    Office 2010 SP2: http://support.microsoft.com/kb/2883156

    - http://msmvps.com/blogs/bradley/arch...otfix-out.aspx
    Dec 12 2013 - "If you are suffering from that
    Try this hotfix..."

    Description of the Outlook 2010 hotfix package (Outlook-x-none.msp):
    December 10, 2013
    - http://support.microsoft.com/kb/2849973

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #119
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Advisory 2915720 V1.1 ...

    FYI...

    Microsoft Security Advisory (2915720)
    Changes in Windows Authenticode Signature Verification
    - http://technet.microsoft.com/en-us/s...visory/2915720
    • V1.1 (December 13, 2013): Corrected the registry key information in the Test the Improvement to Authenticode Signature Verification suggested action. Customers who have applied or plan to apply the suggested action should review the revised information.

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #120
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Question MS to fix Win XP SVCHOST redlining 'ASAP' ...

    FYI...

    MS to fix Win XP SVCHOST redlining 'ASAP' ...
    - http://www.infoworld.com/t/microsoft...ossible-232675
    Dec 16, 2013 - "... the XP Windows Update agent WUAUCLT.EXE running in a SVCHOST wrapper redlines, taking 100 percent of the CPU for five, 10, 15 minutes - up to an hour or two. If you have Automatic Update enabled on your computer, that means every time you re-boot Windows XP your machine can lock up for hours on end; pull the plug, and the -same- thing happens over again. On Friday night we (finally) received an official explanation that describes why the problem happens, along with a description of what Microsoft is doing to resolve it and a promise that it'll get fixed "as soon as possible"... with something like half a billion Windows XP machines out there still connected to the Internet, it's a horrendous problem... Doug Neal, senior program manager for Windows and Microsoft Update, sent a message to the PatchManagement listserv on Friday night...
    'In September we witnessed a large number of reports of SVCHOST taking high CPU for extended periods of time. This was primarily on Windows XP machines running IE6 or IE7. There were a few reports of this happening on Windows XP with IE8, but only a few.' ..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •