Article: 2962824 - Update Rollup of Revoked Non-Compliant UEFI Modules - Version: 1.1 - published almost 10 years ago.
Content: Revision Note: V1.1 (June 10, 2014): Advisory revised to announce a detection change for the update rollup (updates 2920189 and 2961908). This is a detection change only. There were no changes to the update files. Customers who have already successfully updated their systems do not need to take any action.Summary: With this advisory, Microsoft is revoking th...
Copy Link: https://technet.microsoft.com/en-us/library/security/2962824   
Published: 2014 06 10 17:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2862973 - Update for Deprecation of MD5 Hashing Algorithm for Microsoft Root Certificate Program - Version: 3.0 - published almost 10 years ago.
Content: Revision Note: V3.0 (June 10, 2014): Revised advisory to rerelease the 2862973 update for Windows 8 and Windows Server 2012. This rerelease only applies to systems running Windows Embedded 8 and Windows Server 2012 for Embedded Systems. See the Advisory FAQ for more information.Summary: Microsoft is announcing the availability of an update for supported edit...
Copy Link: https://technet.microsoft.com/en-us/library/security/2862973   
Published: 2014 06 10 17:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2974294 - Vulnerability in Microsoft Malware Protection Engine Could Allow Denial of Service - Version: 1.0 - published almost 10 years ago.
Content: Revision Note: V1.0 (June 17, 2014): Advisory publishedSummary: Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft. The vulnerability could allow denial of service if the Microsoft Malware Protection Engine scans a specia...
Copy Link: https://technet.microsoft.com/en-us/library/security/2974294   
Published: 2014 06 17 17:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2982792 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 2.0 - published almost 10 years ago.
Content: Revision Note: V2.0 (July 17, 2014): Advisory revised to announce the availability of update 2982792 for supported editions of Windows Server 2003. For more information, see the Suggested Actions section of this advisory.Summary: Microsoft is aware of improperly issued SSL certificates that could be used in attempts to spoof content, perform phishing attacks...
Copy Link: https://technet.microsoft.com/en-us/library/security/2982792   
Published: 2014 07 17 17:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2915720 - Changes in Windows Authenticode Signature Verification - Version: 1.4 - published almost 10 years ago.
Content: Revision Note: V1.4 (July 29, 2014): Revised advisory to announce that Microsoft no longer plans to enforce the stricter verification behavior as a default functionality on supported releases of Microsoft Windows. It remains available as an opt-in feature. See the Advisory FAQ section for more information.Summary: Microsoft is announcing the availability of ...
Copy Link: https://technet.microsoft.com/en-us/library/security/2915720   
Published: 2014 07 29 17:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2905247 - Insecure ASP.NET Site Configuration Could Allow Elevation of Privilege - Version: 2.0 - published over 9 years ago.
Content: Revision Note: V2.0 (September 9, 2014): Advisory rereleased to announce the offering of the security update via Microsoft Update, in addition to the Download-Center-only option that was provided when this advisory was originally released.Summary: Microsoft is announcing the availability of an update for Microsoft ASP.NET to address a vulnerability in ASP.NE...
Copy Link: https://technet.microsoft.com/en-us/library/security/2905247   
Published: 2014 09 09 17:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2977292 - Update for Microsoft EAP Implementation that Enables the Use of TLS - Version: 1.0 - published over 9 years ago.
Content: Revision Note: V1.0 (October 14, 2014): Advisory published.Summary: Microsoft is announcing the availability of an update for supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT for the Microsoft Extensible Authentication Protocol (EAP) implementation that enables the use of Transport Layer Sec...
Copy Link: https://technet.microsoft.com/en-us/library/security/2977292   
Published: 2014 10 14 17:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2949927 - Availability of SHA-2 Hashing Algorithm for Windows 7 and Windows Server 2008 R2 - Version: 2.0 - published over 9 years ago.
Content: Revision Note: V2.0 (October 17, 2014): Removed Download Center links for Microsoft security update 2949927. Microsoft recommends that customers experiencing issues uninstall this update. Microsoft is investigating behavior associated with this update, and will update the advisory when more information becomes available.Summary: Microsoft is announcing the a...
Copy Link: https://technet.microsoft.com/en-us/library/security/2949927   
Published: 2014 10 17 17:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3010060 - Vulnerability in Microsoft OLE Could Allow Remote Code Execution - Version: 2.0 - published over 9 years ago.
Content: Revision Note: V2.0 (November 11, 2014): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a public report of a vulnerability. We have issued Microsoft Security Bulletin MS14-064 to address this issue. For more information about this issue, including download links for an available security u...
Copy Link: https://technet.microsoft.com/en-us/library/security/3010060   
Published: 2014 11 11 18:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3004375 - Update for Windows Command Line Auditing - Version: 1.0 - published about 9 years ago.
Content: Revision Note: V1.0 (February 10, 2015): Advisory published.Summary: Microsoft is announcing the availability of an update for supported editions of Windows 7, Windows 8, Windows Server 2008R2 and Windows Server 2012 that expands the Audit Process Creation policy to include the command information passed to every process. This is a new feature that provides ...
Copy Link: https://technet.microsoft.com/en-us/library/security/3004375   
Published: 2015 02 10 18:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3033929 - Availability of SHA-2 Code Signing Support for Windows 7 and Windows Server 2008 R2 - Version: 1.0 - published about 9 years ago.
Content: Revision Note: V1.0 (March 10, 2015): Advisory published.Summary: Microsoft is announcing the reissuance of an update for all supported editions of Windows 7 and Windows Server 2008 R2 to add support for SHA-2 signing and verification functionality. This update supersedes the 2949927 update that was rescinded on October 17, 2014 to address issues that some c...
Copy Link: https://technet.microsoft.com/en-us/library/security/3033929   
Published: 2015 03 10 17:00:00
Received: 2022 04 14 18:03:38
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3046015 - Vulnerability in Schannel Could Allow Security Feature Bypass - Version: 2.0 - published about 9 years ago.
Content: Severity Rating: ImportantRevision Note: V2.0 (March 10, 2015): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a public report of a vulnerability. We have issued Microsoft Security Bulletin MS15-031 to address this issue. For more information about this issue, including download links for ...
Copy Link: https://technet.microsoft.com/en-us/library/security/3046015   
Published: 2015 03 10 17:00:00
Received: 2022 04 14 18:03:37
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3046310 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 2.0 - published about 9 years ago.
Content: Revision Note: V2.0 (March 19, 2015): Advisory rereleased to announce that the update for supported editions of Windows Server 2003 is now available. See Knowledge Base Article 3046310 for more information and download links.Summary: Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof co...
Copy Link: https://technet.microsoft.com/en-us/library/security/3046310   
Published: 2015 03 19 17:00:00
Received: 2022 04 14 18:03:37
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3050995 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 2.0 - published about 9 years ago.
Content: Revision Note: V2.0 (March 26, 2015): Advisory rereleased to announce that the update for supported editions of Windows Server 2003 is now available. See Microsoft Knowledge Base Article 3050995 for more information and download links.Summary: Microsoft is aware of improperly issued digital certificates coming from the subordinate CA, MCS Holdings, which cou...
Copy Link: https://technet.microsoft.com/en-us/library/security/3050995   
Published: 2015 03 26 17:00:00
Received: 2022 04 14 18:03:37
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3009008 - Vulnerability in SSL 3.0 Could Allow Information Disclosure - Version: 3.0 - published about 9 years ago.
Content: Revision Note: V3.0 (April 14, 2015): Revised advisory to announce with the release of security update 3038314 on April 14, 2015 SSL 3.0 is disabled by default in Internet Explorer 11, and to add instructions for how to undo the workarounds.Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulner...
Copy Link: https://technet.microsoft.com/en-us/library/security/3009008   
Published: 2015 04 14 17:00:00
Received: 2022 04 14 18:03:37
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3045755 - Update to Improve PKU2U Authentication - Version: 1.0 - published about 9 years ago.
Content: Revision Note: V1.0 (April 14, 2015): Advisory published.Summary: Microsoft is announcing the availability of a defense-in-depth update that improves the authentication used by the Public Key Cryptography User-to-User (PKU2U) security support provider (SSP) in Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. The improvement is part of ongoing efforts...
Copy Link: https://technet.microsoft.com/en-us/library/security/3045755   
Published: 2015 04 14 17:00:00
Received: 2022 04 14 18:03:37
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3062591 - Local Administrator Password Solution (LAPS) Now Available - Version: 1.0 - published about 9 years ago.
Content: Revision Note: V1.0 (May 1, 2015): V1.0 (May 1, 2015): Advisory published.Summary: Microsoft is offering the Local Administrator Password Solution (LAPS) that provides a solution to the issue of using a common local account with an identical password on every computer in a domain. LAPS resolves this issue by setting a different, random password for the commo...
Copy Link: https://technet.microsoft.com/en-us/library/security/3062591   
Published: 2015 05 01 17:00:00
Received: 2022 04 14 18:03:37
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2962393 - Update for Vulnerability in Juniper Networks Windows In-Box Junos Pulse Client - Version: 2.0 - published almost 9 years ago.
Content: Revision Note: V2.0 (June 9, 2015): Added the 3062760 update to the Juniper VPN Client Update section.Summary: Microsoft is announcing the availability of an update for the Juniper Networks Windows In-Box Junos Pulse Client for Windows 8.1 and Windows RT 8.1. The update addresses a vulnerability in the Juniper VPN client by updating the affected Juniper VPN ...
Copy Link: https://technet.microsoft.com/en-us/library/security/2962393   
Published: 2015 06 09 17:00:00
Received: 2022 04 14 18:03:37
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3074162 - Vulnerability in Microsoft Malicious Software Removal Tool Could Allow Elevation of Privilege - Version: 1.0 - published almost 9 years ago.
Content: Severity Rating: ImportantRevision Note: V1.0 (July 14, 2015): Advisory publishedSummary: Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malicious Software Removal Tool (MSRT) is available that addresses a security vulnerability that was reported to Microsoft. The vulnerability could allow elevation of privi...
Copy Link: https://technet.microsoft.com/en-us/library/security/3074162   
Published: 2015 07 14 17:00:00
Received: 2022 04 14 18:03:37
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3083992 - Update to Improve AppLocker Publisher Rule Enforcement - Version: 1.0 - published over 8 years ago.
Content: Revision Note: V1.0 (September 8, 2015): Summary: Microsoft is announcing the availability of a defense-in-depth update that improves the enforcement of publisher rules by Windows AppLocker in Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. The improvement is part of ongoing efforts to bolster the e...
Copy Link: https://technet.microsoft.com/en-us/library/security/3083992   
Published: 2015 09 08 17:00:00
Received: 2022 04 14 18:03:37
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2960358 - Update for Disabling RC4 in .NET TLS - Version: 2.0 - published over 8 years ago.
Content: Revision Note: V2.0 (October 13, 2015): Advisory revised to broaden the affected software list to include Windows 10 systems that are running .NET Framework 3.5 applications and systems with .NET Framework 4.6 installed that are running .NET Framework 4.5/4.5.1/4.5.2 applications, and to provide customers running these configurations with steps for manually ...
Copy Link: https://technet.microsoft.com/en-us/library/security/2960358   
Published: 2015 10 13 17:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3097966 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 2.0 - published over 8 years ago.
Content: Revision Note: V2.0 (October 13, 2015): Advisory revised to notify customers that an update is available that modifies the Code Integrity component in Windows to extend trust removal for the four digital certificates addressed by this advisory to also preclude kernel-mode code signing.Summary: Microsoft is aware of four digital certificates that were inadver...
Copy Link: https://technet.microsoft.com/en-us/library/security/3097966   
Published: 2015 10 13 17:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3042058 - Update to Default Cipher Suite Priority Order - Version: 1.1 - published over 8 years ago.
Content: Revision Note: V1.1 (October 13, 2015): Advisory revised to announce that the Default Cipher Suite Prioritization update (3042058), originally released May 12, 2015 via the Microsoft Download Center (DLC) only, is now also available via Microsoft Update (MU) and Windows Server Update Services (WSUS). This is an update offering venue change only. There were n...
Copy Link: https://technet.microsoft.com/en-us/library/security/3042058   
Published: 2015 10 13 17:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3108638 - Update for Windows Hyper-V to Address CPU Weakness - Version: 1.0 - published over 8 years ago.
Content: Revision Note: V1.0 (November 10, 2015): Advisory published.Summary: Microsoft is announcing the availability of a security update for Windows Hyper-V to protect against a denial of service condition that can be triggered with certain central processing unit (CPU) chipsets. Although the weakness resides in the chipset, Microsoft is issuing this security upda...
Copy Link: https://technet.microsoft.com/en-us/library/security/3108638   
Published: 2015 11 10 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3119884 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 1.0 - published over 8 years ago.
Content: Revision Note: V1.0 (November 30, 2015): Advisory published.Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used to issue other certificates, impersonate other domains, or sign code. In addition, these certificates could ...
Copy Link: https://technet.microsoft.com/en-us/library/security/3119884   
Published: 2015 11 30 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0 - published over 8 years ago.
Content: Revision Note: V1.0 (December 8, 2015): Advisory published.Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign c...
Copy Link: https://technet.microsoft.com/en-us/library/security/3123040   
Published: 2015 12 08 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3057154 - Update to Harden Use of DES Encryption - Version: 1.1 - published over 8 years ago.
Content: Revision Note: V1.1 (December 8, 2015): Advisory updated to include more information about disabling DES by default in Windows 7 and Windows Server 2008 R2 and later operating systems. The update allows DES to be used between client and server to address scenarios in which DES is still required for application compatibility reasons.Summary: Microsoft is anno...
Copy Link: https://technet.microsoft.com/en-us/library/security/3057154   
Published: 2015 12 08 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2755801 - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge - Version: 53.0 - published over 8 years ago.
Content: Revision Note: V53.0 (January 5, 2016): Added the 3133431 update to the Current Update section.Summary: Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10; the update is al...
Copy Link: https://technet.microsoft.com/en-us/library/security/2755801   
Published: 2016 01 05 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3109853 - Update to Improve TLS Session Resumption Interoperability - Version: 1.0 - published over 8 years ago.
Content: Revision Note: V1.0 (January 12, 2016): Advisory published.Summary: Microsoft is announcing the availability of an update to improve interoperability between Schannel-based TLS clients and 3rd-party TLS servers that enable RFC5077-based resumption and that send the NewSessionTicket message in the abbreviated TLS handshake. The update addresses an issue in sc...
Copy Link: https://technet.microsoft.com/en-us/library/security/3109853   
Published: 2016 01 12 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3118753 - Updates for ActiveX Kill Bits 3118753 - Version: 1.0 - published over 8 years ago.
Content: Revision Note: V1.0 (January 12, 2016): Advisory published.Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory. These ActiveX kill bits are included in the Internet Explorer cumulative update released on January 12, 2016.
Copy Link: https://technet.microsoft.com/en-us/library/security/3118753   
Published: 2016 01 12 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2871997 - Update to Improve Credentials Protection and Management - Version: 5.0 - published about 8 years ago.
Content: Revision Note: V5.0 (February 9, 2016): Rereleased advisory to announce the release of update 3126593 to enable the Restricted Admin mode for Credential Security Support Provider (CredSSP) by default. See Updates Related to this Advisory for details.Summary: Microsoft is announcing the availability of updates for supported editions of Windows 7, Windows Serv...
Copy Link: https://technet.microsoft.com/en-us/library/security/2871997   
Published: 2016 02 09 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3137909 - Vulnerabilities in ASP.NET Templates Could Allow Tampering - Version: 1.1 - published about 8 years ago.
Content: Revision Note: V1.1 (February 10, 2016): Advisory updated to include download information for Microsoft ASP.NET Web Frameworks, and Tools and Microsoft ASP.NET and Web Tools. This is an informational change only.Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of Visual Studio 2013, Vi...
Copy Link: https://technet.microsoft.com/en-us/library/security/3137909   
Published: 2016 02 10 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3152550 - Update to Improve Wireless Mouse Input Filtering - Version: 1.1 - published about 8 years ago.
Content: Revision Note: V1.1 (April 22, 2016): Added FAQs and additional information to clarify that only standalone mouse devices are affected. This is an informational change only.Summary: Microsoft is announcing the availability of an update to improve input filtering for certain Microsoft wireless mouse devices. The update enhances security by filtering out QWERT...
Copy Link: https://technet.microsoft.com/en-us/library/security/3152550   
Published: 2016 04 22 17:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3155527 - Update to Cipher Suites for FalseStart - Version: 1.0 - published about 8 years ago.
Content: Revision Note: V1.0 (May 10, 2016): Advisory published.Summary: FalseStart allows the TLS client to send application data before receiving and verifying the server Finished message. This allows an attacker to launch a man-in-the-middle (MiTM) attack to force the TLS client to encrypt the first flight of application_data records using the attacker’s chosen ci...
Copy Link: https://technet.microsoft.com/en-us/library/security/3155527   
Published: 2016 05 10 17:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 2880823 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0 - published almost 8 years ago.
Content: Revision Note: V2.0 (May 18, 2016): Advisory updated to provide links to the current information regarding the use of the SHA1 hashing algorithm for the purposes of SSL and code signing. For more information, see Windows Enforcement of Authenticode Code Signing and Timestamping.Summary: Microsoft is announcing a policy change to the Microsoft Root Certificat...
Copy Link: https://technet.microsoft.com/en-us/library/security/2880823   
Published: 2016 05 18 17:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3179528 - Update for Kernel Mode Disallowlist - Version: 1.0 - published almost 8 years ago.
Content: Revision Note: V1.0 (August 9, 2016): Click here to enter text.Summary: Microsoft is disallowlisting some publically released versions of securekernel.exe. This advisory includes a list of hashes for specific operating systems that are on the disallow list
Copy Link: https://technet.microsoft.com/en-us/library/security/3179528   
Published: 2016 08 09 17:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3174644 - Updated Support for Diffie-Hellman Key Exchange - Version: 1.0 - published over 7 years ago.
Content: Revision Note: V1.0 (September 13, 2016): Advisory published.Summary:
Copy Link: https://technet.microsoft.com/en-us/library/security/3174644   
Published: 2016 09 13 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3181759 - Vulnerabilities in ASP.NET Core View Components Could Allow Elevation of Privilege - Version: 1.0 - published over 7 years ago.
Content: Revision Note: V1.0 (September 13, 2016): Advisory published.Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.0.0. This advisory also provides guidance on what developers can do to help ensure that their applications are updated correctly.
Copy Link: https://technet.microsoft.com/en-us/library/security/3181759   
Published: 2016 09 13 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3214296 - Vulnerabilities in Identity Model Extensions Token Signing Verification Could Allow Elevation of Privilege - Version: 1.0 - published over 7 years ago.
Content: Revision Note: V1.0 (January 10, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public version of Identity Model Extensions 5.1.0. This advisory also provides guidance on what developers can do to help ensure that their apps are updated correctly.
Copy Link: https://technet.microsoft.com/en-us/library/security/3214296   
Published: 2017 01 10 18:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4010983 - Vulnerability in ASP.NET Core MVC 1.1.0 Could Allow Denial of Service - Version: 1.0 - published over 7 years ago.
Content: Revision Note: V1.0 (January 27, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.1.0. This advisory also provides guidance on what developers can do to update their applications correctly.
Copy Link: https://technet.microsoft.com/en-us/library/security/4010983   
Published: 2017 01 27 18:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3123479 - SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0 - published about 7 years ago.
Content: Revision Note: V2.0 (March 14, 2017): Advisory rereleased to announce that the changes described in this advisory have been reverted as of November 2016. This is an informational change only.Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program.
Copy Link: https://technet.microsoft.com/en-us/library/security/3123479   
Published: 2017 03 14 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4010323 - Deprecation of SHA-1 for SSL/TLS Certificates in Microsoft Edge and Internet Explorer 11 - Version: 1.0 - published about 7 years ago.
Content: Revision Note: V1.0 (May 9, 2017): Advisory published.Summary: Beginning May 9, 2017, Microsoft released updates to Microsoft Edge and Internet Explorer 11 to block sites that are protected with a SHA-1 certificate from loading and displays an invalid certificate warning. This change will only impact SHA-1 certificates that chain to a Microsoft Trusted Root ...
Copy Link: https://technet.microsoft.com/en-us/library/security/4010323   
Published: 2017 05 09 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4021279 - Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege - Version: 1.1 - published about 7 years ago.
Content: Revision Note: V1.1 (May 10, 2017): Advisory revised to include a table of issue CVEs and their descriptions. This is an informational change only.Summary: Microsoft is releasing this security advisory to provide information about vulnerabilities in the public .NET Core and ASP.NET Core. This advisory also provides guidance on what developers can do to updat...
Copy Link: https://technet.microsoft.com/en-us/library/security/4021279   
Published: 2017 05 10 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4022344 - Security Update for Microsoft Malware Protection Engine - Version: 1.2 - published almost 7 years ago.
Content: Severity Rating: CriticalRevision Note: V1.2 (May 12, 2017): Added entries into the affected software table. This is an informational change only.Summary: Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft.
Copy Link: https://technet.microsoft.com/en-us/library/security/4022344   
Published: 2017 05 12 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4022345 - Identifying and correcting failure of Windows Update client to receive updates - Version: 1.3 - published almost 7 years ago.
Content: Severity Rating: CriticalRevision Note: V1.3 (May 12, 2017): Updated FAQ to clarify the update that needs to be installed: “the current cumulative update”. This is an informational change only.Summary: Microsoft is releasing this security advisory to provide information related to an uncommon deployment scenario in which the Windows Update Client may not pro...
Copy Link: https://technet.microsoft.com/en-us/library/security/4022345   
Published: 2017 05 12 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4025685 - Guidance related to June 2017 security update release - Version: 1.0 - published almost 7 years ago.
Content: Revision Note: V1.0 (June 13, 2017): Advisory publishedSummary: Microsoft is announcing the availability of additional guidance for critical security updates, that are at heightened risk of exploitation due to past and threatened nation-state attacks and disclosures. Some of the releases are new, and some are for older platforms that we are making publicly a...
Copy Link: https://technet.microsoft.com/en-us/library/security/4025685   
Published: 2017 06 13 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0 - published almost 7 years ago.
Content: Revision Note: V1.0 (June 27, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to inform customers that a new version of Azure Active Directory (AD) Connect is available that addresses an Important security vulnerability.
Copy Link: https://technet.microsoft.com/en-us/library/security/4033453   
Published: 2017 06 27 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0 - published almost 7 years ago.
Content: Revision Note: V1.0 (August 8, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information regarding security settings for applications developed with the Microsoft Internet Explorer layout engine, also known as the Trident layout engine. This advisory also provides guidance on what developers and individuals can d...
Copy Link: https://technet.microsoft.com/en-us/library/security/4038556   
Published: 2017 08 08 17:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0 - published over 6 years ago.
Content: Revision Note: V1.0 (December 12, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information regarding security settings for the AD DS (Active Directory Domain Services) account used by Azure AD Connect for directory synchronization. This advisory also provides guidance on what on-premises AD administrators can do...
Copy Link: https://technet.microsoft.com/en-us/library/security/4056318   
Published: 2017 12 12 18:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 3.0 - published over 6 years ago.
Content: Revision Note: V3.0 (January 9, 2018): Microsoft has released an update for all supported editions of Microsoft Excel that allows users to set the functionality of the DDE protocol based on their environment. For more information and to download the update, see ADV170021.Summary: Microsoft is releasing this security advisory to provide information regarding ...
Copy Link: https://technet.microsoft.com/en-us/library/security/4053440   
Published: 2018 01 09 18:00:00
Received: 2022 04 14 18:03:35
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities