Biztonsági szemle

Today we released seven security bulletins addressing 31 unique CVE’s. Four bulletins have a maximum severity rating of Critical while the other three have a maximum severity rating of Important. We hope that the table below helps you prioritize the...

In addition to today being the security update release, February 11 is officially Safer Internet Day for 2014. This year, we’re asking folks to Do 1 Thing to stay safer online. While you may expect my “Do 1 Thing” recommendation would be to apply...

Update as of February 10, 2014 We are adding two updates to the February release. There will be Critical-rated updates for Internet Explorer and VBScript in addition to the previously announced updates scheduled for release on February 11, 2014...

Today we’re publishing the January 2014 Security Bulletin Webcast Questions & Answers page. We answered 16 questions in total, with the majority of questions focusing on the Dynamics AX bulletin (MS14-004), the update for Microsoft Word (MS14-001)...

Today we released four security bulletins addressing six CVE’s. All four bulletins have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment...

In January, there are those who like to make predictions about the upcoming year. I am not one of those people. Instead, I like to quote Niels Bohr who said, “Prediction is very difficult, especially if it’s about the future.” However, I can say...

Today we provide advance notification for the release of four bulletins for January 2014. All bulletins this month are rated Important in severity and address vulnerabilities in Microsoft Windows, Office, and Dynamics AX. The update provided in MS14...

Today we’re publishing the December 2013 Security Bulletin Webcast Questions & Answers page. We answered 17 questions in total, with the majority of questions focusing on the Graphics Component bulletin (MS13-096), Security Advisory 2915720 and...

In our previous posts in this series, we described various mitigation improvements that attempt to prevent the exploitation of specific classes of memory safety vulnerabilities such as those that involve stack corruption, heap corruption, and unsafe...

Today we released eleven security bulletins addressing 24 CVE’s. Five bulletins have a maximum severity rating of Critical while the other six have a maximum severity rating of Important. We hope that the table below helps you prioritize the...

There are times when we get too close to a topic. We familiarize ourselves with every aspect and nuance, but fail to recognize not everyone else has done the same. Whether you consider this myopia, navel-gazing, or human nature, the effect is the...

Today we released MS13-098, a security update that strengthens the Authenticode code-signing technology against attempts to modify a signed binary without invalidating the signature. This update addresses a specific instance of malicious binary...