Jump to content

Microsoft Support & Discussions

Free PC Help Forum microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product you can post here. If you want to discuss Microsoft and their line of products you can do that here also. 

84,882 topics in this forum

  1. Guest Microsoft Security

    MS11-052 - Critical : Vulnerability in Vector Markup Language Could Allow Remote Code...

    by Guest Microsoft Security
    • 0 replies
    • 133 views

    Severity Rating: Critical Revision Note: V1.1 (July 12, 2011): Announced a change to detection logic and corrected bulletin replacement information for some affected configurations. There were no changes to the security update files. See the Update FAQ for details. Summary: This security update resolves a privately reported vulnerability in the Microsoft implementation of Vector Markup Language (VML). This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers. Internet Explorer 9 is not affected by the…

    Guest
    Last reply by Guest,
  2. Guest Microsoft Security

    MS08-069 - Critical : Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code...

    by Guest Microsoft Security
    • 0 replies
    • 137 views

    Severity Rating: Critical Summary: This security update resolves several vulnerabilities in Microsoft XML Core Services. The most severe vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Continue reading...

    Guest
    Last reply by Guest,
  3. Guest Microsoft Security

    MS11-046 - Important : Vulnerability in Ancillary Function Driver Could Allow Elevation of...

    by Guest Microsoft Security
    • 0 replies
    • 281 views

    Severity Rating: Important Revision Note: V1.1 (June 30, 2011): Corrected the Affected Software table to include MS10-058 as a bulletin replaced by this update. This is an informational change only. There were no changes to the security update files or detection logic. Summary: This security update resolves a publicly disclosed vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability. Continue reading...

    Guest
    Last reply by Guest,
  4. Guest Microsoft Security

    MS11-057 - Critical : Cumulative Security Update for Internet Explorer (2559049) - Version: 1.0

    by Guest Microsoft Security
    • 0 replies
    • 132 views

    Severity Rating: Critical Revision Note: V1.0 (August 9, 2011): Bulletin published. Summary: This security update resolves five privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Continue reading...

    Guest
    Last reply by Guest,
  5. Guest Microsoft Security

    MS11-050 - Critical : Cumulative Security Update for Internet Explorer (2530548) - Version: 1.1

    by Guest Microsoft Security
    • 0 replies
    • 139 views

    Severity Rating: Critical Revision Note: V1.1 (August 9, 2011): Clarified that one of the defense-in-depth changes included in this security update addresses a memory address leak issue, publicly referenced as CVE-2011-1346. This is an informational change only. Summary: This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user ri…

    Guest
    Last reply by Guest,
  6. Guest Microsoft Security

    MS11-027 - Critical : Cumulative Security Update of ActiveX Kill Bits (2508272) - Version: 1.1

    by Guest Microsoft Security
    • 0 replies
    • 141 views

    Severity Rating: Critical Revision Note: V1.1 (July 27, 2011): Added class identifiers for the Microsoft WMITools ActiveX Control described in this bulletin's vulnerability section for CVE-2010-3973. This is an informational change only. Customers who have already applied the "Prevent COM objects from running in Internet Explorer" workaround for this vulnerability should reapply this workaround with the additional class identifiers. Summary: This security update resolves two privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft software. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page …

    Guest
    Last reply by Guest,
  7. Guest Microsoft Security

    MS11-056 - Important : Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow...

    by Guest Microsoft Security
    • 0 replies
    • 127 views

    Severity Rating: Important Revision Note: V1.1 (July 21, 2011): Added a link to Microsoft Knowledge Base Article 2507938 under Known Issues in the Executive Summary. Summary: This security update resolves five privately reported vulnerabilities in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS). The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities. Continue reading...

    Guest
    Last reply by Guest,
  8. Guest Microsoft Security

    MS11-055 - Important : Vulnerability in Microsoft Visio Could Allow Remote Code Execution...

    by Guest Microsoft Security
    • 0 replies
    • 267 views

    Severity Rating: Important Revision Note: V1.0 (July 12, 2011): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Visio. The vulnerability could allow remote code execution if a user opens a legitimate Visio file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Continue reading...

    Guest
    Last reply by Guest,
  9. Guest Microsoft Security

    MS11-065 - Important : Vulnerability in Remote Desktop Protocol Could Allow Denial of Service...

    by Guest Microsoft Security
    • 0 replies
    • 136 views

    Severity Rating: Important Revision Note: V1.0 (August 9, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow denial of service if an affected system received a sequence of specially crafted RDP packets. Microsoft has also received reports of limited, targeted attacks attempting to exploit this vulnerability. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Continue reading...

    Guest
    Last reply by Guest,
  10. Guest Microsoft Security

    MS11-064 - Important : Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)...

    by Guest Microsoft Security
    • 0 replies
    • 134 views

    Severity Rating: Important Revision Note: V1.0 (August 9, 2011): Bulletin published. Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow denial of service if an attacker sends a sequence of specially crafted Internet Control Message Protocol (ICMP) messages to a target system or sends a specially crafted URL request to a server that is serving Web content and has the URL-based Quality of Service (QoS) feature enabled. Continue reading...

    Guest
    Last reply by Guest,
  11. Guest Microsoft Security

    MS11-062 - Important : Vulnerability in Remote Access Service NDISTAPI Driver Could Allow...

    by Guest Microsoft Security
    • 0 replies
    • 108 views

    Severity Rating: Important Revision Note: V1.0 (August 9, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to exploit the vulnerability and take complete control over the affected system. An att…

    Guest
    Last reply by Guest,
  12. Guest Microsoft Security

    MS11-061 - Important : Vulnerability in Remote Desktop Web Access Could Allow Elevation of...

    by Guest Microsoft Security
    • 0 replies
    • 148 views

    Severity Rating: Important Revision Note: V1.0 (August 9, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Remote Desktop Web Access. The vulnerability is a cross-site scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the site in the context of the target user. The XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack for its users when browsing to a Remote Desktop Web Access server in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9 is not enabled by default in the Intranet Zone. Co…

    Guest
    Last reply by Guest,
  13. Guest Microsoft Security

    MS11-060 - Important : Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution...

    by Guest Microsoft Security
    • 0 replies
    • 129 views

    Severity Rating: Important Revision Note: V1.0 (August 9, 2011): Bulletin published. Summary: This security update resolves two privately reported vulnerabilities in Microsoft Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Continue reading...

    Guest
    Last reply by Guest,
  14. Guest Paul Thurrott

    HP to Release webOS to Open Source Community

    by Guest Paul Thurrott
    • 0 replies
    • 130 views

    By Paul Thurrott Just months after announcing plans to halt sales of its webOS-based smart phones and tablets and leaving the fate of the technically excellent but poorly-selling mobile platform up in the air, HP has rendered a verdict. The computing giant will release webOS to the open source community, giving it a second chance with technology enthusiasts. Continue reading...

    Guest
    Last reply by Guest,
  15. Guest Microsoft Security

    MS11-063 - Important : Vulnerability in Windows Client/Server Run-time Subsystem Could Allow...

    by Guest Microsoft Security
    • 0 replies
    • 135 views

    Severity Rating: Important Revision Note: V1.1 (August 17, 2011): Corrected the hyperlink for CVE-2011-1967. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to send a device event message to a higher-integrity process. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Continue reading...

    Guest
    Last reply by Guest,
  16. Guest Microsoft Security

    MS11-068 - Moderate : Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)...

    by Guest Microsoft Security
    • 0 replies
    • 130 views

    Severity Rating: Moderate Revision Note: V1.1 (August 10, 2011): Revised the Server Core installation not affected notation for Windows Server 2008 and Windows Server 2008 R2 to clarify that the update will still be offered to systems installed using the Server Core installation option. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user visits a network share (or visits a Web site that points to a network share) containing a specially crafted file. In all cases, however, an attacker would have no way to force a user to visit such a network share or Web site. Instead, a…

    Guest
    Last reply by Guest,
  17. Guest Microsoft Security

    MS11-059 - Important : Vulnerability in Data Access Components Could Allow Remote Code...

    by Guest Microsoft Security
    • 0 replies
    • 140 views

    Severity Rating: Important Revision Note: V1.1 (August 10, 2011): Corrected the restart requirements for the update on all affected operating systems. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate Excel file (such as a .xlsx file) that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operat…

    Guest
    Last reply by Guest,
  18. Guest Microsoft Security

    MS11-045 - Important : Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution...

    by Guest Microsoft Security
    • 0 replies
    • 121 views

    Severity Rating: Important Revision Note: V1.1 (August 10, 2011): Removed two erroneous workarounds in this bulletin's vulnerability section for CVE-2011-1276. This is an informational change only. Summary: This security update resolves eight privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights…

    Guest
    Last reply by Guest,
  19. Guest Microsoft Security

    MS11-067 - Important : Vulnerability in Microsoft Report Viewer Could Allow Information...

    by Guest Microsoft Security
    • 0 replies
    • 125 views

    Severity Rating: Important Revision Note: V1.0 (August 9, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Report Viewer. The vulnerability could allow information disclosure if a user views a specially crafted Web page. In all cases, however, an attacker would have no way to force a user to visit the Web site. Instead, an attacker would have to persuade a user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the vulnerable Web site. Continue reading...

    Guest
    Last reply by Guest,
  20. Guest Microsoft Security

    MS11-043 - Critical : Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)...

    by Guest Microsoft Security
    • 0 replies
    • 116 views

    Severity Rating: Critical Revision Note: V2.1 (September 21, 2011): Corrected the registry key verification entries in the Security Update Deployment section for Windows XP and Windows Server 2003. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit the vulnerability, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server. Continue reading...

    Guest
    Last reply by Guest,
  21. Guest Microsoft Security

    MS11-073 - Important : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution...

    by Guest Microsoft Security
    • 0 replies
    • 120 views

    Severity Rating: Important Revision Note: V1.0 (September 13, 2011): Bulletin published. Summary: This security update resolves two privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file or if a user opens a legitimate Office file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited either of the vulnerabilities could gain the same user rights as the logged on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administra…

    Guest
    Last reply by Guest,
  22. Guest Microsoft Security

    MS11-070 - Important : Vulnerability in WINS Could Allow Elevation of Privilege (2571621) -...

    by Guest Microsoft Security
    • 0 replies
    • 123 views

    Severity Rating: Important Revision Note: V1.0 (September 13, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS). The vulnerability could allow elevation of privilege if a user received a specially crafted WINS replication packet on an affected system running the WINS service. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Continue reading...

    Guest
    Last reply by Guest,
  23. Guest Microsoft Security

    MS11-049 - Important : Vulnerability in the Microsoft XML Editor Could Allow Information...

    by Guest Microsoft Security
    • 0 replies
    • 124 views

    Severity Rating: Important Revision Note: V2.1 (September 13, 2011): Added an update FAQ to announce a detection change for KB2494089 that corrects an installation issue. This is a detection change only. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action. Summary: This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow…

    Guest
    Last reply by Guest,
  24. Guest Microsoft Security

    MS10-035 - Critical : Cumulative Security Update for Internet Explorer (982381) - Version: 2.0

    by Guest Microsoft Security
    • 0 replies
    • 241 views

    Severity Rating: Critical Revision Note: V2.0 (September 13, 2011): Rereleased bulletin to reoffer the updates for Internet Explorer on Microsoft Windows 2000 and Windows XP to address a detection issue. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action. Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer…

    Guest
    Last reply by Guest,
  25. Guest Microsoft Security

    MS11-079 - Important : Vulnerabilities in Microsoft Forefront Unified Access Gateway Could...

    by Guest Microsoft Security
    • 0 replies
    • 134 views

    Severity Rating: Important Revision Note: V1.0 (October 11, 2011): Bulletin published. Summary: This security update resolves five privately reported vulnerabilities in Forefront Unified Access Gateway (UAG). The most severe of these vulnerabilities could allow remote code execution if a user visits an affected Web site using a specially crafted URL. However, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site. Continue reading...

    Guest
    Last reply by Guest,
×
×
  • Create New...