Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Microsoft  

On Badlock for Samba (CVE-2016-2118) and Windows (CVE-2016-0128)

Today is Badlock Day You may recall that the folks over at badlock.org stated about 20 days ago that April 12 would see patches for "Badlock," a serious vulnerability in the SMB/CIFS protocol that affects both Microsoft Windows and any server…

Getting Ahead of Badlock

While we are keeping abreast of the news about the foretold Badlock vulnerability, we don't know much more than anyone else right now. We're currently speculating that the issue has to do with the fundamentals of the SMB/CIFS protocol, since the vulnerability is reported…

Update Tuesday, March 2016

March continues this quarter's trend with the majority of bulletins (8) addressing remote code execution (RCE) vulnerabilities; the remaining address elevation of privilege (4) and security feature bypass. All of the critical bulletins are remote code execution issues affecting a variety of products and platforms…

Update Tuesday, February 2016

February continues this quarter's trend with the majority of bulletins (7) addressing remote code execution (RCE) vulnerabilities; the remaining 6 evenly address denial of service (DOS) and elevation of privilege. All of the critical bulletins (MS16-009, MS16-011. MS16-012, MS16-013, MS16-015, MS16-022) are remote code execution…

Update Tuesday, January 2016

The year's first release contains 9 bulletins, 7 remote code execution (RCE), an elevation of privilege and spoofing vulnerability. The critical bulletins (MS15-001, MS15-002, MS15-003, MS15-004, MS15-005, MS15-006) are comprised of remote code execution vulnerabilities affecting a variety of products and platforms including Edge, Internet…

Update Tuesday, December 2015

December continues this quarter's trend, 10 bulletins addressing remote code execution (RCE) vulnerabilities, while the remaining two address elevation of privilege. The vulnerabilities affect Internet Explorer (7 and onwards), Edge, Office, Silverlight, VBScript scripting engine and Windows (Vista and onwards). It is advisable for users…

Update Tuesday, November 2015

November sees a mix of remote code execution and elevation of privilege vulnerabilities enabling an attacker to gain the same rights as the user when the victim opens specially crafted content, such as a webpage, journal file or document containing embedded fonts. These vulnerabilities affect…

Update Tuesday, October 2015

This month is dominated by remote code execution vulnerabilities enabling information disclosure if a user opens/visits specifically crafted content. The vulnerabilities affect Internet Explorer, Edge, Windows Shell and Microsoft Office. It is advisable for users and administrators to patch the affected platforms.Microsoft includes…

New Metasploit Tools to Collect Microsoft Patches

Patch testing and analysis are important parts in vulnerability research and exploit development. One popular reason is people would try this technique to rediscover patched bugs, or find ways to keep an 0day alive in case the fix in place is inadequate. The same process…

From Windows to Office 365: Detecting Intruder Behavior in Microsoft Infrastructures

Microsoft infrastructures have traditionally been on-premise. This is about to change as Microsoft is getting incredible traction with Office 365 deployments. As the corporate infrastructure is changing, many security professionals are concerned about security and transparency of their new strategic cloud services and need to…

Microsoft Attack Surface Analyzer (ASA): It's for defenders too!

Attack Surface Analyzer, a tool made by Microsoft and recommended in their Security Development Lifecycle Design Phase, is meant primarily for software developers to understand the additional attack surface their products add to Windows systems. As defenders, this tool can be very useful. The tool…

Update Tuesday, August 2015

This month's update includes 14 Microsoft security bulletins (52 CVEs), with three being rated as critical. One of these vulnerabilities has already affected MS office (MS15-081) and has been detected as being exploited in the wild. As per the norm, Adobe has also released a…

UserInsight Integrates with Microsoft's New Office 365 API to Detect Intruders

If you are at the RSA Conference this week, you may have seen Microsoft's keynote announcing the new Office 365 Activity Feed API this morning. In case you missed it, Microsoft summarized the announcement in today's blog post. The new Management Activity API is a…

A Closer Look at February 2015's Patch Tuesday

This month's Patch Tuesday covers nine security bulletins from Microsoft, including what seems like a not-very-unusual mix of remote code execution (RCE) vulnerabilities and security feature bypasses. However, two of these bulletins – MS15-011 and MS15-014 – require a closer look, both because of the…

Patch Tuesday, January 2015 - Dawn of a new era

Microsoft's January 2015 patch Tuesday marks the start of a new era.  It seems that Microsoft's trend towards openness in security has reversed and the company that was formerly doing so much right, is taking a less open stance with patch information.  It is extremely…