MS10-086: Disk Clustering Vulnerability

This morning we released security bulletin MS10-086 to address a vulnerability in Windows failover disk clustering. Exposure to this vulnerability will only occur if Failover Clustering is installed. Failover Clustering is supported on Windows Server 2008 R2 Enterprise, Windows Server 2008 R2 Datacenter, Windows Server 2008 R2 Hyper-V, and Windows Server 2008 R2 Storage Server…

0

Additional Information about the ASP.NET Vulnerability

Over the past couple of days we’ve received some additional questions regarding the ASP.NET vulnerability. In this post we will answer some of the most common ones. Is My ASP.NET Site Affected By This Issue? Yes, all sites that use ASP.NET are affected by this vulnerability. You should follow the recommendations outlined in the advisory….

0

Understanding the ASP.NET Vulnerability

Our recent advisory describes an ASP.NET vulnerability which was recently publicly disclosed. This blog post will give you more information about the vulnerability and the workaround. It will also provide a script which will help you detect ASP.NET applications on your server that are in a vulnerable configuration. The Impact of the Vulnerability ASP.Net uses…

0

Assessing the risk of the September security updates

Today we released nine security bulletins. Four have a maximum severity rating of Critical with the other five having a maximum severity rating of Important. Furthermore, six of the nine bulletins either do not affect the latest version of our products or affect them with reduced severity. We hope that the table below helps you…

0

MS10-061: Printer Spooler Vulnerability

This morning we released security bulletin MS10-061 to address an issue in the Windows print spooler. In this blog post, we’d like to provide additional detail about the specific configurations of Windows that are vulnerable to this issue and more background on its connection to the Stuxnet malware. Vulnerable configurations Depending on the configuration, the…

0

MS10-065: Exploitability of the IIS FastCGI request header vulnerability

This month, Microsoft released an update for IIS that addresses three vulnerabilities. The blog post focuses on one of these: the Request Header Buffer Overflow Vulnerability (CVE-2010-2730), which affects IIS version 7.5 and has a maximum security impact of Remote Code Execution (RCE). Below we provide more details on the vulnerability and the potential for…

0

Use EMET 2.0 to block Adobe Reader and Acrobat 0-day exploit

Background on the exploit As you probably know there is a new exploit in the wild for Adobe Reader and Acrobat. This particular exploit is using the Return Oriented Programming (ROP) exploit technique in order to bypass Data Execution Prevention (DEP).   Normally Address Space Layout Randomization (ASLR) would help prevent successful exploitation.  However, this…

0

The Enhanced Mitigation Experience Toolkit 2.0 is Now Available

Today we are pleased to announce the availability of the Enhanced Mitigation Experience Toolkit (EMET) version 2.0.  Users can click here to download the tool free of charge.     For those who may be unfamiliar with the tool, EMET provides users with the ability to deploy security mitigation technologies to arbitrary applications.  This helps prevent…

0

An update on the DLL-preloading remote attack vector

Last week, we released Security Advisory 2269637 notifying customers of a publicly disclosed remote attack vector to a class of vulnerabilities affecting applications that load dynamic-link libraries (DLL’s) in an insecure manner. At that time, we also released a tool to help protect systems by disallowing unsafe DLL-loading behavior. Today we wanted to provide an…

0

More information about the DLL Preloading remote attack vector

Today we released Security Advisory 2269637 notifying customers of a remote attack vector to a class of vulnerabilities affecting applications that load DLL’s in an insecure manner. The root cause of this issue has been understood by developers for some time. However, last week researchers published a remote attack vector for these issues, whereas in…

0