MS13-098: Update to enhance the security of Authenticode

Today we released MS13-098, a security update that strengthens the Authenticode code-signing technology against attempts to modify a signed binary without invalidating the signature. This update addresses a specific instance of malicious binary modification that could allow a modified binary to pass the Authenticode signature check. More importantly, it also introduces further hardening to consider…

0

An update on the DLL-preloading remote attack vector

Last week, we released Security Advisory 2269637 notifying customers of a publicly disclosed remote attack vector to a class of vulnerabilities affecting applications that load dynamic-link libraries (DLL’s) in an insecure manner. At that time, we also released a tool to help protect systems by disallowing unsafe DLL-loading behavior. Today we wanted to provide an…

0

Assessing the risk of the schannel.dll vulnerability (MS09-007)

MS09-007 resolves an issue in which an attacker may be able to log onto an SSL protected server which is configured to use certificate based client authentication with only the public key component of a certificate, not the associated private key. Only a subset of customers who log into SSL protected servers are at risk…

0

MS08-037 : More entropy for the DNS resolver

We released security bulletin MS08-020 two months ago to improve the DNS transaction ID entropy.  You can read more about the MS08-020 algorithm change in this blog entry.  Increasing the entropy makes it more difficult for attackers to spoof DNS replies.  Today, we released MS08-037 to further increase the difficulty of spoofing DNS transactions.  We…

0

MS08-020 : How predictable is the DNS transaction ID?

Today we released MS08-020 to address a weakness in the Transaction ID (TXID) generation algorithm in the DNS client resolver.  The TXID is a 16-bit entity that is primarily used as a synchronization mechanism between DNS servers/clients; in fact, you can think of it as an Initial Sequence Number (ISN) for DNS query/response exchanges.  Consequently,…

0