Security Bulletin

Today Microsoft shipped MS14-072 to the .NET Framework to address an Elevation of Privilege (EOP) vulnerability in the .NET Remoting feature. This update fixes a specific issue in .NET Remoting that permitted specially crafted remote endpoints to...

Today, we’re releasing the Enhanced Mitigation Experience Toolkit (EMET) 5.1 which will continue to improve your security posture by providing increased application compatibility and hardened mitigations. You can download EMET 5.1 from microsoft.com...

Today, we provide advance notification for the release of 16 Security Bulletins. Five of these updates are rated Critical, nine are rated as Important, and two are rated Moderate in severity. These updates are for Microsoft Windows, Internet Explorer...

Today, we announced the availability of SSL 3.0 fallback warnings in Internet Explorer (IE) 11. For more information please visit the IE blog. We have also published an update on the status of the changes we have made to our Azure offerings in...

Today, we released Security Advisory 3010060to provide additional protections regarding limited, targeted attacks directed at Microsoft Windows customers. A cyberattacker could cause remote code execution if someone is tricked into opening a...

Today, as part of Update Tuesday, we released eight securityupdates – three rated Critical and five rated Important - to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). We...

Today we released eight security bulletins addressing 24 unique CVE’s. Three bulletins have a maximum severity rating of Critical, and five have a maximum severity rating of Important. This table is designed to help you prioritize the deployment of...

Today Microsoft shipped MS14-057 to the .NET Framework in order to resolve an Elevation of Privilege vulnerability in the ClickOnce deployment service. While this update fixes this service, developers using Managed Distributed Component Object Model...

Today, we provide advance notification for the release of nine Security Bulletins. Three of these updates are rated Critical, five are rated as Important, and one is rated Moderate in severity. These updates are for Microsoft Windows, Internet...

It’s that time of year and BlueHat v14 is almost upon us. As always, BlueHat is an opportunity for us to bring the brightest minds in security together, both internal and external, to discuss and tackle some of the hardest problems facing the...

Today marks the next evolution in bounty programs at Microsoft as we launch the Microsoft Online Services Bug Bounty program starting with Office 365. In our mobile first, cloud first world, this is an exciting and logical evolution to our existing...

Today we’re publishing the September 2014 Security Bulletin Webcast Questions & Answers page. We fielded four questions on various topics during the webcast, with specific bulletin questions focusing primarily on Internet Explorer (MS14-052) and a...