Latest Security Advisories & Notable Vulnerabilities
Microsoft addresses the following vulnerabilities in its March batch of patches:
- (MS12-017) Vulnerability in DNS Server Could Allow Denial of Service (2647170)
Risk Rating: Important
This update resolves a privately reported vulnerability in Microsoft Windows that could allow denial of service if a remote unauthenticated attacker sends a specially crafted DNS query to the target DNS server. Read more here. - (MS12-018) Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653)
Risk Rating: Important
This update resolves a privately reported vulnerability in Microsoft Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. Read more here. - (MS12-019) Vulnerability in DirectWrite Could Allow Denial of Service (2665364)
Risk Rating: Medium
This update resolves a publicly disclosed vulnerability in Windows DirectWrite. In an Instant Messenger-based attack scenario, the vulnerability could allow denial of service if an attacker sends a specially crafted sequence of Unicode characters directly to an Instant Messenger client. Read more here. - (MS12-020) Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
Risk Rating: Critical
This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. Read more here. - (MS12-021) Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019)
Risk Rating: Important
This security update resolves one privately reported vulnerability in Visual Studio. The vulnerability could allow elevation of privilege if an attacker places a specially crafted add-in in the path used by Visual Studio and convinces a user with higher privileges to start Visual Studio. Read more here. - (MS12-022) Vulnerability in Expression Design Could Allow Remote Code Execution (2651018)
Risk Rating: Important
This security update resolves one privately reported vulnerability in Microsoft Expression Design. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .xpr or .DESIGN file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Read more here.
Microsoft addresses the following vulnerabilities in its February batch of patches:
- (MS12-008) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)
Risk Rating: Critical
This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a website containing specially crafted content or if a specially crafted application is run locally. Read more here. - (MS12-009) Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
Risk Rating: Important
This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. Read more here. - (MS12-010) Cumulative Security Update for Internet Explorer (2647516)
Risk Rating: Critical
This security update resolves four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer. Read more here. - (MS12-011) Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
Risk Rating: Important
This security update resolves three privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. Read more here. - (MS12-012) Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
Risk Rating: Important
This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .icm or .icc file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. Read more here. - (MS12-013) Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
Risk Rating: Critical
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment. Read more here. - (MS12-014) Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
Risk Rating: Important
This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .avi file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. Read more here. - (MS12-015) Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
Risk Rating: Important
This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file.. Read more here. - (MS12-016) Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)
Risk Rating: Critical
This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. Read more here.
Microsoft addresses the following vulnerabilities in its January batch of patches:
- (MS12-001) Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)
Risk Rating: Important
This vulnerability could allow an attacker to bypass the SafeSEH security feature in a software application. An attacker could then use other vulnerabilities to leverage the structured exception handler to run arbitrary code. Only software applications that were compiled using Microsoft Visual C .NET 2003 can be used to exploit this vulnerability. Read more here. - (MS12-002) Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)
Risk Rating: Important
This vulnerability could allow remote code execution if a user opens a legitimate file with an embedded packaged object that is located in the same network directory as a specially crafted executable file. Read more here. - (MS12-003) Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524)
Risk Rating: Important
This vulnerability allows elevation of privilege if an attacker logs onto an affected system and runs a specially crafted application. The attacker could then take complete control of the affected system and install programs; view, change, or delete data; or create new accounts with full user rights. Read more here. - (MS12-004) Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)
Risk Rating: Critical
The vulnerabilities could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploits the vulnerabilities could gain the same user rights as the local user. Read more here. - (MS12-005) Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)
Risk Rating: Important
This vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file containing a malicious embedded ClickOnce application.Read more here. - (MS12-006) Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)
Risk Rating: Important
This security update resolves a publicly disclosed vulnerability in SSL 3.0 and TLS 1.0. Read more here. - (MS12-007) Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)
Risk Rating: Important
This vulnerability could allow information disclosure if a an attacker passes a malicious script to a website using the sanitization function of the AntiXSS Library. Read more here.
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)
Severity: 
Advisory Date: 30 Dec 2011
This security update addresses one publicly and three privately disclosed vulnerabilities in Microsoft .NET Framework. The most dangerous of these may lead to elevation of privilege if a potential attacker sends a maliciously crafted web request to the target. Successfully exploiting this system bug could also lead to execution of arbitrary command using an existing account on the ASP.NET site. To do this, an attacker must be registered to an account on the ASP.NET site and use an existing user credential.
Unspecified vulnerability in theJava Runtime Environment component in Oracle Java SE JDK and JRE allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to scripting.
Microsoft addresses the following vulnerabilities in its December batch of patches:
- (MS11-087) Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
Risk Rating: Critical
This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits a malicious Web page that embeds TrueType font files. Read more here. - (MS11-088) Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Microsoft Office IME (Chinese). The vulnerability could allow elevation of privilege if a logged-on user performed specific actions on a system where an affected version of the Microsoft Pinyin (MSPY) Input Method Editor (IME) for Simplified Chinese is installed. Read more here. - (MS11-089) Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Word file. Read more here. - (MS11-090) Cumulative Security Update of ActiveX Kill Bits (2618451)
Risk Rating: Critical
This security update resolves a privately reported vulnerability in Microsoft software. The vulnerability could allow remote code execution if a user views a specially crafted Web page that uses a specific binary behavior in Internet Explorer. Read more here. - (MS11-091) Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)
Risk Rating: Important
This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft Office. Read more here. - (MS11-092) Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)
Risk Rating: Critical
This security update resolves a privately reported vulnerability in Windows Media Player and Windows Media Center. Read more here. - (MS11-093) Vulnerability in OLE Could Allow Remote Code Execution (2624667)
Risk Rating: Important
This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. Read more here. - (MS11-094) Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)
Risk Rating: Important
This security update resolves two privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. Read more here.
- (MS11-095) Vulnerability in Active Directory Could Allow Remote Code Execution (2640045)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). Read more here. - (MS11-096) Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)
Risk Rating: Critical
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file. Read more here. - (MS11-097) Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to send a device event message to a higher-integrity process. Read more here. - (MS11-098) Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to exploit the vulnerability. Read more here. - (MS11-099) Cumulative Security Update for Internet Explorer (2618444)
Risk Rating: Important
This security update resolves three privately reported vulnerabilities in Internet Explorer. Read more here.
A critical vulnerability has been identified in the 10.1.1 version of Adobe Reader X and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for UNIX, and Adobe Acrobat X(10.1.1) and earlier versions for Windows and Macintosh. When exploited this vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.
Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege (263965...
Severity: 
Advisory Date: 09 Nov 2011
A vulnerability in a Microsoft Windows component that may allow an attacker to execute code on the vulnerable machine. The vulnerability exists in the Win32k TrueType font parsing engine.
Once successfully exploited, this vulnerability can allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is purportedly related to DUQU malware. Note that the following operating systems' Server Core installations are not affected by this vulnerability:
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1
This page will be updated as soon as new information is available.
Microsoft addresses the following vulnerabilities in its November batch of patches:
- (MS11-083) Vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
Risk Rating: Critical
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. Read more here.
- (MS11-084) Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657)
Risk Rating: Medium
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. Read more here.
- (MS11-085) Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution (2620704)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Read more here.
- (MS11-086) Vulnerability in Active Directory Could Allow Elevation of Privilege (2630837)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). Read more here.
Microsoft addresses the following vulnerabilities in its October batch of patches:
- (MS11-075) Vulnerability in Microsoft Active Accessibility Could Allow Remote Code Execution (2623699)
Risk Rating: Important
This update resolves a privately reported vulnerability in the Microsoft Active Accessibility component. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (.DLL) file. Read more here. - (MS11-076) Vulnerability in Windows Media Center Could Allow Remote Code Execution (2604926)
Risk Rating: Important
This update resolves a publicly disclosed vulnerability in Windows Media Center. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (.DLL) file. Read more here. - (MS11-077) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053)
Risk Rating: Important
This update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted font file (such as a .fon file) in a network share, a UNC or WebDAV location, or an e-mail attachment. Read more here. - (MS11-078) Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2604930)
Risk Rating: Critical
This update resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Read more here. - (MS11-079) Vulnerabilities in Microsoft Forefront Unified Access Gateway Could Cause Remote Code Execution (2544641)
Risk Rating: Important
This update resolves five privately reported vulnerabilities in Microsoft Forefront Unified Access Gateway (UAG). The most severe of these vulnerabilities could allow remote code execution if a user visits an affected website using a specially crafted URL. Read more here. - (MS11-080) Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2592799)
Risk Rating: Important
This update resolves a privately reported vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. Read more here. - (MS11-081) Cumulative Security Update for Internet Explorer (2586448)
Risk Rating: Critical
This update resolves eight privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Read more here. - (MS11-082) Vulnerabilities in Host Integration Server Could Allow Denial of Service (2607670)
Risk Rating: Important
This security update resolves two publicly disclosed vulnerabilities in Host Integration Server. The vulnerabilities could allow denial of service if a remote attacker sends specially crafted network packets to a Host Integration Server listening on UDP port 1478 or TCP ports 1477 and 1478. Read more here.
Featured Stories
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more
Abusing Argo CD, Helm, and Artifact Hub: An Analysis of Supply Chain Attacks in Cloud-Native ApplicationsWe provide an overview of cloud-native tools and examine how cybercriminals can exploit their vulnerabilities to launch supply chain attacks.Read more