Workarounds | Microsoft Security Response Center

Announcing the availability of ModSecurity extension for IIS

Thursday, July 26, 2012

Vulnerabilities in on-line services, like cross-site scripting, cross-site request forgery, or even information disclosure, are important areas of focus for the Microsoft Security Response Center (MSRC). Over the last few years Microsoft has developed a number of tools capable of mitigating selected web specific vulnerabilities (for example, UrlScan). To help on this front we have participated in a community effort to bring the popular open source module ModSecurity to the IIS platform.

More information on Security Advisory 2737111

Tuesday, July 24, 2012

Today we released Security Advisory 2737111 to describe the way in which vulnerabilities in Oracle’s Outside In technology impact the document preview functionality of Microsoft Exchange Server 2007 and 2010 and FAST Search Server 2010 for SharePoint. In this blog, we would like to discuss the following: What is the Oracle Outside In technology?

MS12-027: Enhanced protections regarding ActiveX controls in Microsoft Office documents

Tuesday, April 10, 2012

Security Update MS12-027 addresses a code execution vulnerability in MSCOMCTL.OCX, the Windows Common Controls ActiveX control. By default, this component is included with all 32-bit versions of Microsoft Office. We’d like to cover the following topics in this blog post: Limited, targeted attacks leveraging this vulnerability Mitigations in recent versions of Office to reduce the risk Extra protections to block all or specific ActiveX controls in Office documents The new Office 2010 kill bit feature Limited, targeted attacks leveraging this vulnerability

CVE-2012-0002: A closer look at MS12-020's critical issue

Tuesday, March 13, 2012

Security Update MS12-020 addresses two vulnerabilities in Microsoft’s implementation of the Remote Desktop Protocol (RDP). One of the two, CVE-2012-0002, is a Critical, remote code execution vulnerability affecting all versions of Windows. This blog post shares additional information with the following goals: To strongly encourage you to make a special priority of applying this particular update; To give you an option to harden your environment until the update can be applied.

More information on MS12-004

Tuesday, January 10, 2012

This month we released MS12-004 to address CVE-2012-0003 and CVE-2012-0004. CVE-2012-0003 The most severe of these vulnerabilities is CVE-2012-0003 which is a Critical, Remote Code Execution vulnerability. This CVE affects all editions of Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008. Windows 7 is not affected by this vulnerability.

More information about the December 2011 ASP.Net vulnerability

Tuesday, December 27, 2011

Today, we released Security Advisory 2659883 alerting customers to a newly disclosed denial-of-service vulnerability affecting several vendors’ web application platforms, including Microsoft’s ASP.NET. This blog post will cover the following: Impact of the vulnerability How to know if your configuration is vulnerable to denial-of-service How to detect the vulnerability being exploited at network layer How to detect the vulnerability being exploited on the server Background on the workaround to protect your website Impact of the vulnerability

Is SSL broken? – More about Security Bulletin MS12-006 (previously known as Security Advisory 2588513)

Monday, September 26, 2011

On January 10th, Microsoft released MS12-006 in response to a new vulnerability discovered in September in SSL 3.0 and TLS 1.0. Here we would like to give further information about the technique used to exploit this vulnerability and workaround options Microsoft has released if you discover a compatibility issue after installing the update.

Protecting yourself from attacks that leverage fraudulent DigiNotar digital certificates

Sunday, September 04, 2011

Last week, we released Security Advisory 2607712, notifying customers that fraudulent digital certificates had been issued by certificate authority DigiNotar. We’d like to follow up on that notification in this blog post by explaining more about the potential risks and actions you can take to protect yourself from any potential attacks that would leverage those fraudulent certificates.

MS11-053: Vulnerability in the Bluetooth stack could allow remote code execution

Tuesday, July 12, 2011

The single Critical vulnerability in today’s batch of security updates addresses an issue in the Bluetooth stack. Your workstations’ risk to this vulnerability varies, depending on a number of factors. I’d like to use this blog post to outline those risk factors. How can I protect my system? The best way to protect any potentially vulnerable system is to apply the MS11-053 security update.

Assessing the risk of the February security updates

Tuesday, February 08, 2011

Today we released twelve security bulletins. Three have a maximum severity rating of Critical and nine have a maximum severity rating of Important. This release addresses three publicly disclosed vulnerabilities. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first 30 days impact Platform mitigations and key notes MS11-003(IE) Victim browses to a malicious webpage.