| |
Microsoft Security News
MS10-017 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)
Bulletin Severity Rating:Important - This security update resolves seven privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 09 Mar 2010 08:00:00 GMT
» read
more
|
MS10-016 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)
Bulletin Severity Rating:Important - This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and persuaded the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 09 Mar 2010 08:00:00 GMT
» read
more
|
MS10-015 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)
Bulletin Severity Rating:Important - This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-014 - Important: Vulnerability in Kerberos Could Allow Denial of Service (977290)
Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a specially crafted ticket renewal request is sent to the Windows Kerberos domain from an authenticated user on a trusted non-Windows Kerberos realm. The denial of service could persist until the domain controller is restarted.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-013 - Critical: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)
Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft DirectShow. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-012 - Important: Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468)
Bulletin Severity Rating:Important - This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-011 - Important: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)
Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Microsoft Windows Client/Server Run-time Subsystem (CSRSS). The vulnerability could allow elevation of privilege if an attacker logs on to the system and starts a specially crafted application designed to continue running after the attacker logs out. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-010 - Important: Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894)
Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a malformed sequence of machine instructions is run by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to log on locally into a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-009 - Critical: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)
Bulletin Severity Rating:Critical - This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if specially crafted packets are sent to a computer with IPv6 enabled. An attacker could try to exploit the vulnerability by creating specially crafted ICMPv6 packets and sending the packets to a system with IPv6 enabled. This vulnerability may only be exploited if the attacker is on-link.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-008 - Critical: Cumulative Security Update of ActiveX Kill Bits (978262)
Bulletin Severity Rating:Critical - This security update addresses a privately reported vulnerability for Microsoft software. This security update is rated Critical for all supported editions of Microsoft Windows 2000 and Windows XP, Important for all supported editions of Windows Vista and Windows 7, Moderate for all supported editions of Windows Server 2003, and Low for all supported editions of Windows Server 2008 and Windows Server 2008 R2.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-007 - Critical: Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713)
Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not impacted by this security update. The vulnerability could allow remote code execution if an application, such as a Web browser, passes specially crafted data to the ShellExecute API function through the Windows Shell Handler.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-006 - Critical: Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)
Bulletin Severity Rating:Critical - This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a malicious SMB server.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-005 - Moderate: Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706)
Bulletin Severity Rating:Moderate - This security update resolves a privately reported vulnerability in Microsoft Paint. The vulnerability could allow remote code execution if a user viewed a specially crafted JPEG image file using Microsoft Paint. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-004 - Important: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
Bulletin Severity Rating:Important - This security update resolves six privately reported vulnerabilities in Microsoft Office PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-003 - Important: Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214)
Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 09 Feb 2010 08:00:00 GMT
» read
more
|
MS10-002 - Critical: Cumulative Security Update for Internet Explorer (978207)
Bulletin Severity Rating:Critical - This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Thu, 21 Jan 2010 08:00:00 GMT
» read
more
|
MS10-001 - Critical: Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270)
Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font in client applications that can render EOT fonts, such as Microsoft Internet Explorer, Microsoft Office PowerPoint, or Microsoft Office Word. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 12 Jan 2010 08:00:00 GMT
» read
more
|
MS09-074 - Critical: Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)
Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Office Project. The vulnerability could allow remote code execution if a user opens a specially crafted Project file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Tue, 08 Dec 2009 08:00:00 GMT
» read
more
|
|
|
 |
A copy of our latest brochure can be downloaded here. Portable Document Format
(PDF).
»
view 1,037kb
|
 |
 |
Internet up for Nobel Peace Prize
The internet is among a record 237 individuals and organisations nominated for this year's Nobel Peace Prize.
» read
more
|
Mobile phone allows boss to snoop
Mobile technology that could allow prying bosses to monitor every movement of their staff is developed in Japan.
» read
more
|
Facebook calls for 'iconic games'
Facebook calls on game designers to make an iconic title, such as Mario or Halo, specifically for the social network.
» read
more
|
File-sharing sanctions 'unfair'
Illegal file-sharers should be fined, rather than have their internet connection cut off, says the boss of BT.
» read
more
|
Hard drive evolution could hit XP
Hard drives are about to undergo one of the biggest format shifts in 30 years but it could cause problems for Windows XP users.
» read
more
|
Porn net domain name plan revived
A plan to create a .xxx net domain for adult content will be revisited three years after it was rejected by internet regulators.
» read
more
|
Banking fraud 'moves to internet'
Fraudsters are continuing their switch from traditional card fraud to raiding online bank accounts, research suggests.
» read
more
|
Nanotech 'fuse' for novel battery
A never-before-seen reaction in nanotubes could make for batteries that pack a mighty punch, say researchers.
» read
more
|
Games migrate to the social side
The merging of social networks and games is set to dominate this year's Game Developers Conference in San Francisco.
» read
more
|
dot.Rory
BT's boss comes out fighting on file-sharing rules
» read
more
|
Vital statistics
Explore the inner workings of the web and its growth
» read
more
|
dot.Maggie
Dotcom crash: Where were you on 10 March 2000?
» read
more
|
Final Fantasy
Costumed fans queue for launch
» read
more
|
Well-rounded
Indian computer graduates get etiquette classes
» read
more
|
Dotcom Crash
10 years on from when the Nasdaq bubble burst
» read
more
|
Internet access 'a human right'
Almost four in five people worldwide see internet access as a fundamental right, a poll for the BBC World Service suggests.
» read
more
|
Sony eyeing June launch of 3D TV
Electronics giant Sony says its new 3D television will be on sale in Japan from June, with a cost of £2,600 for a 46-inch screen model.
» read
more
|
US eases sanctions for freer web
The US eases sanctions on Iran, Cuba and Sudan to help further the use of internet services and support opposition groups.
» read
more
|
Skynet satellite system extended
Skynet 5, the UK's single biggest space project, is to get a fourth satellite to up the bandwidth available to British forces.
» read
more
|
Facebook death 'lessons to learn'
The home secretary says internet safety lessons must be learned after a convicted sex offender contacts and kills a teenager.
» read
more
|
Weak questions put e-mail at risk
Questions used as security checks on websites need to be replaced by better tests to see who someone is, say researchers.
» read
more
|
Drug scam hijacks college sites
UK university websites are targeted by criminals peddling counterfeit drugs from fake online pharmacies.
» read
more
|
Mobile phones learn to lip read
A device that could allow people to conduct phone conversations without uttering a word is shown off by researchers.
» read
more
|
Has copyright gone too far?
Has copyright gone too far? asks Bill Thompson.
» read
more
|
Open society and open systems
Openness must be defended, says Bill Thompson.
» read
more
|
The past is the future for tech
Bill Thompson keeps an eye on the future
» read
more
|
The media and the message
Innovation is the key for papers says Bill Thompson
» read
more
|
Sun spotters protect the Earth
Your help is needed to watch the surface of the Sun
» read
more
|
Naples' online 'ethical' city
The web community founded on morals and manners
» read
more
|
Will people pay for net news?
Can newspapers charge online and survive?
» read
more
|
Are all bits created equal?
The US struggles with the battle over net neutrality
» read
more
|
» all technology news |
|
 |
Active Progression Ltd
Flat 2
18-20 Woodland Road
Kenilworth
Warwickshire
CV8 2FL
Registered Office
The Red Barn
Newton
Nr. Kettering
Northants
NN14 1BW
t: +44(0)8456 123414
e:
info@apweb.co.uk
» Use Enquiry Form
» Location Map
|
|
 |
|
