Announcing the release of the Enhanced Mitigation Evaluation Toolkit

*** UPDATE: Version 2.0 of EMET is now available.  Click here to read more about it. ***   Even as you read this, people around the world are hunting for vulnerabilities in software applications.  Odds are some of them will be successful.  Depending on their motives and what they find, your software and systems may be…

0

Assessing the risk of the October security bulletins

This morning we released 13 security bulletins, our largest release of 2009.  Altogether, these bulletins address 34 separate CVEs.  We’d like to use this blog post to help you prioritize your deployment of the updates. Prioritization Criteria We’ve provided a prioritized list of bulletins in the table below.  The prioritization is based on the following…

0

MS09-056: Addressing the X.509 CryptoAPI ASN.1 security vulnerabilities

MS09-056 addresses two vulnerabilities that affect how the Windows CryptoAPI parses X.509 digital certificates. Applications on the Windows platform as well as Windows components such as the WinHTTP API can call into the CryptoAPI which provides cryptographic services to validate digital certificates. Internet Explorer, for instance, uses the CryptoAPI to parse and validate the certificate…

0

MS09-051: A note on the affected platforms

MS09-051 addresses a vulnerability (CVE-2009-0555) in the speech codec of Microsoft Window Media Component. Users of Windows XP/Windows Vista/Windows Server 2003/Windows Server 2008* are affected by this vulnerability. However, for Win2k users, the story is more complex and we would like to go into more detail in this blog. *Windows Server 2008 Core installation is…

0

MS09-050: Exploit timeline for the SMB2 RCE vulnerability

This month we are releasing update MS09-050 to address the SMBv2 RCE vulnerability (CVE-2009-3103). Due to the fact that public exploit code exists for this vulnerability, we felt it would be good to summarize the exploit landscape at the time of release, so customers can use this information to prioritize the deployment of the update….

0

MS09-054: Extra info on the attack surface for the IE security bulletin

MS09-054  addresses an IE vulnerability (CVE-2009-2529), which was discovered and presented by Mark Dowd, Ryan Smith, and David Dewey at the BlackHat conference in July. First we’d like to make it clear that any customers that have applied the update associated with MS09-054 are protected, regardless of the attack vector.  And most customers need not…

0

MS09-061: More information about the .NET security bulletin

MS09-061 fixes vulnerabilities in the .NET Framework which could allow malicious .NET applications execute arbitrary native code, resulting in remote code execution. This post is intended to help clarify the attack vectors for these vulnerabilities, and to cover recommended workarounds.   Important note: These vulnerabilities in the .NET framework do not affect applications built on…

0

New attack surface reduction feature in GDI+

MS09-062 fixes several vulnerabilities in GDI+ related to image parsing. It also includes a feature which allows administrators to disable parsing for each of the different image formats. This feature was publicly released early this year in an optional GDI+ update available on the Microsoft Download Center, but is now being release as part of…

0