As part of its regularly scheduled patch release, Microsoft issued fixes for gaping vulnerabilities in Internet Explorer and Remote Desktop Protocol. The software giant also released a new feature that, in the wake of the Flame virus, enables certificates to be automatically updated.
The fixes are set to address 25 vulnerabilities, covering Windows, Internet Explorer, Visual Basic for Applications, Dynamics AX and the .NET Framework.
The leak of details regarding a major Windows bug, which resulted in the removal of DPTech Technologies as a trusted Microsoft partner, calls into question how impervious a vulnerability sharing program can be.
April 25, 2012
The recent outbreak of the Flashback trojan on Mac computers is a case study in how unprepared security professionals are for dealing with malware that's not specific to Windows.
An Adobe security researcher has released an open-source analyzer tool that can determine whether a Win32 binary file contains malware.
A proof-of-concept that has emerged and takes advantage of a very serious Windows vulnerability may have been the result of a leak, said the researcher who first discovered the bug.
Microsoft next week plans to release six patches, including one for a "critical" vulnerability affecting all supported versions of the software giant's operating system.
The threats associated with mobile devices can come in many forms, so there are a number of best practices one can put in place to thwart potentially disastrous consequences.
The security update, which plans to address eight vulnerabilities, will include one "critical" fix.
Tuesday's baker's dozen of security patches from Microsoft includes a fix for a vulnerability that helped spread the dangerous information-stealing Duqu trojan, which targets industrial control systems.
In an effort to smooth the patching process for users, Microsoft plans to improve its updating mechanism in Windows 8, due out next year.
Microsoft on Tuesday patched one "critical" vulnerability, plus three other less-severe flaws. Not patched, as expected, is a bug related to the Duqu trojan.
The Patch Tuesday bulletins, of which two are rated "critical" and six deemed "important," are due Oct. 11 at about 2 p.m. EST.
Microsoft may face challenges from anti-virus rivals after announcing this week that the next version of Windows will come with built-in AV protection.
Katie Moussouris, senior security strategist lead at Microsoft, discusses the software giant's recently announced Blue Hat competition, which offers $250,000 in cash and prizes to the winning researchers who develop advanced technologies to defend Windows against entire classes of vulnerabilities that can be exploited to bypass the platform's existing mitigations. Moussouris describes how Microsoft came up with the idea, why defensive research is just as important as one-off vulnerability discoveries and how the oft-cynical research community is reacting to the contest.
Microsoft is breaking out the piggy bank to incentivize researchers to develop advanced technologies to defend Windows and the applications that run on top of the world's most popular operating system.
Microsoft expects to release four patches next week to address 22 vulnerabilities in Windows and Office, the company said Thursday.
Microsoft on Tuesday delivered two patches to address three vulnerabilities, but because of default settings, built-in protections and unaffected newer versions, experts don't anticipate widespread attacks ensuing.
Following a record-breaking security update last month, Microsoft is planning just two fixes for its June update, plus a revamped exploitability index.
Microsoft's planned security update for next week likely will include a fix for a vulnerability that is being actively exploited.
Three fixes from Microsoft await security administrators next week, the software giant announced Thursday.
Microsoft next week plans to push out 12 patches to close 22 vulnerabilities as part of its monthly security update.
Microsoft on Friday warned of a new Windows scripting vulnerability that could result in information disclosure.
Microsoft is letting administrators ease their way into the New Year, with plans to issue only two patches next week.
Microsoft is warning of an unpatched vulnerability in its Windows Graphics Rendering Engine that could lead to remote code execution.
November 15, 2010
As security firm Fortinet celebrates 10 years in business, Fortiguard Labs took a look at the 10 most intriguing threats during the past decade and showed how their feature sets have evolved, Darwin-like, over time.
Aruba, Belgium, Curacao, Sint Maarten, Suriname, and Netherlands Antilles all may want to check out this .nl Windows Server 2008 vulnerability.
Microsoft is planning to release nine patches on Tuesday to plug 13 holes as part of the software giant's monthly security update.
Microsoft is alerting the public about a new vector that can be used to infect PCs when an application is tricked into loading a malicious library. The major question is: What applications are vulnerable?
Microsoft's record-breaking month of patches includes fixes for 34 flaws across the software giant's product line.
