Aqui você encontrará conteúdo exclusivo sobre todas as ferramentas para profissionais de TI
Today we released MS12-001, which addresses an issue that can enable an attacker to bypass a defense in depth feature known as SafeSEH. This bypass is limited in scope to applications that make use o...
Last week, we released Security Advisory 2607712, notifying customers that fraudulent digital certificates had been issued by certificate authority DigiNotar. We’d like to follow up on that not...
Today we released MS11-058 to address two vulnerabilities in the Microsoft DNS Service. One of the two issues, CVE-2011-1966, could potentially allow an attacker who successfully exploited the vulner...
Protecting the general computing ecosystem is a really tough job, and given some of the media headlines, it’s easy to get discouraged and wallow in the problems. It seems like we’re const...
How can you protect yourself, your business, and your customers when faced with an unknown or unpatched software vulnerability? This question can be difficult to answer but it is nevertheless worthy ...
The single Critical vulnerability in today’s batch of security updates addresses an issue in the Bluetooth stack. Your workstations’ risk to this vulnerability varies, depending on a numb...
Hello all -- Over the years we’ve often talked about exploit mitigations – DEP, ASLR, SEHOP and so forth – as effective tools for improving computer security, reducing risk, preven...
Today we are pleased to announce a new version of the Enhanced Mitigation Experience Toolkit (EMET) with brand new features and mitigations. Users can click here to download the tool free of charge.&...
Today we released 17 security bulletins. Nine have a maximum severity rating of Critical and eight have a maximum severity rating of Important. We hope that the table below helps you prioritize the d...
Today we released twelve security bulletins. Three have a maximum severity rating of Critical and nine have a maximum severity rating of Important. This release addresses three publicly disclosed vul...
Today we released MS11-004 to address a vulnerability in the Microsoft FTP service an optional component of Internet Information Services (IIS). In this blog, we would like to cover some additional t...
At Microsoft, as at most large software vendors, we are likely to have publicly known issues under investigation at any given time. This is what we do on the Security Research & Defense team. Rec...
Today we released Security Advisory 2488013 to notify customers of a new publicly-disclosed vulnerability in Internet Explorer (IE). This vulnerability affects all versions of IE. Exploiting this vul...
DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) have proven themselves to be important and effective countermeasures against the types of exploits that we see in the wil...
Today we released Security Advisory 2458511 notifying customers of limited attacks leveraging an Internet Explorer vulnerability. The beta version of Internet Explorer 9 is not affected while Interne...
Today we released Security Advisory 2458511 notifying customers of limited attacks leveraging an Internet Explorer vulnerability. The beta version of Internet Explorer 9 is not affected while Intern...
Today we released sixteen security bulletins. Four have a maximum severity rating of Critical, ten have a maximum severity rating of Important, and two have a maximum severity rating of Moderate. We ...
Hi everyone, Today we released Security Advisory 2416728 describing a publicly disclosed vulnerability in ASP.NET that affects all versions of the .NET Framework. At this time we are not aware of an...
Today we released nine security bulletins. Four have a maximum severity rating of Critical with the other five having a maximum severity rating of Important. Furthermore, six of the nine bulletins ei...
This morning we released security bulletin MS10-061 to address an issue in the Windows print spooler. In this blog post, we’d like to provide additional detail about the specific configurations...
This month, Microsoft released an update for IIS that addresses three vulnerabilities. The blog post focuses on one of these: the Request Header Buffer Overflow Vulnerability (CVE-2010-2730), which a...
