Posts Tagged ‘windows security’

Microsoft Security Bulletin Overview January 2011

Wednesday, January 12th, 2011

Well, yesterday was the second Tuesday of the month … so here’s an overview of this month’s MS security bulletin.

The second Tuesday of a month is Microsoft’s patch day where the software company releases security patches and fixes for its products. The first patch day of the year 2011 brings two security bulletins that patch vulnerabilities in the Windows operating system. MS11-002 patches vulnerabilities in Microsoft Data Access Components that could allow remote code execution. The maximum severity rating of the vulnerability is critical, the highest possible rating.


No Patches for Internet Explorer Vulnerabilities this Month

Friday, January 7th, 2011

So does this mean that they’ve finally got all of the bugs worked out of IE … or does it mean that a lot of people at Microsoft took time off for Christmas last month?

Microsoft will be releasing two security bulletins on this January’s patch day leaving two security vulnerabilities affecting Internet Explorer and one issue affecting the Windows graphics rendering engine unaddressed.


Microsoft Security Bulletins October 2010

Wednesday, October 13th, 2010

Here’s a convenient summary of this month’s Microsoft security updates …

Every second Tuesday in a month is patch day over at Microsoft. What does it mean? Microsoft pushes out all security patches of a month on that day to all users of their Windows operating systems and other applications like Microsoft Office. Only highly critical vulnerabilities receive out of band security patches.


Microsoft Releases Out of Band Security Patch

Wednesday, September 29th, 2010

Here’s an important security issue for anyone who runs Microsoft .Net Framework on a Windows Server operating system …

Microsoft today released a new out of band security bulletin addressing a vulnerability in ASP.NET that affects all versions of the Microsoft .Net Framework when used on Windows Server operating systems, or on client systems that run a web server from their computer.

While that excludes the majority of desktop users, it may still affect some that run web servers on their desktop systems. Those users are asked to update immediately once the patch is released.


Microsoft Releases September Security Patches

Wednesday, September 15th, 2010

Looks like it’s time to update Windows again …

Microsoft has released this month’s security patches for their operating systems and applications. The patches and updates are already available via Windows Update and Microsoft Download, and it is recommended to update the operating system as soon as possible to protect it from exploits targeting those vulnerabilities.


Microsoft Offers Workaround For Remote DLL Vulnerability

Thursday, August 26th, 2010

This sounds like a pretty serious vulnerability … kind of surprising that Microsoft only came up with a workaround, instead of a patch.

A vulnerability was recently discovered in Microsoft Windows operating systems that exploits the default dll loading behavior. A Microsoft Security Advisory explains that the “issue is caused by specific insecure programming practices that allow so-called binary planting or DLL preloading attacks”.

In simple terms: Applications that do not use qualified paths for external dynamic link libraries use Windows default settings to find those dlls on the system, and one of the first locations to be searched is the program directory, which can be a local or remote directory.


Microsoft, Adobe, Release Massive Amount Of Security Patches

Wednesday, August 11th, 2010

Speaking of Microsoft security patches …

Today is the second Tuesday of the month and that means it is Microsoft Patch Day. Microsoft is keeping a tight schedule when it comes to security patches. If they are not heavily exploited or very critical they are released on the second Tuesday of each month. Today’s patch day is already available via the official channels including Windows Update and Microsoft Downloads.