Jump to content

Microsoft Support & Discussions

Free PC Help Forum microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product you can post here. If you want to discuss Microsoft and their line of products you can do that here also. 

84,882 topics in this forum

  1. Guest Microsoft Security

    MS11-077 - Important : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code...

    by Guest Microsoft Security
    • 0 replies
    • 138 views

    Severity Rating: Important Revision Note: V1.0 (October 11, 2011): Bulletin published. Summary: This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted font file (such as a .fon file) in a network share, a UNC or WebDAV location, or an e-mail attachment. For a remote attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open the specially crafted font file, or open the file as an e-mail attachment. Continue reading...

    Guest
    Last reply by Guest,
  2. Guest Microsoft Security

    MS11-076 - Important : Vulnerability in Windows Media Center Could Allow Remote Code Execution...

    by Guest Microsoft Security
    • 0 replies
    • 135 views

    Severity Rating: Important Revision Note: V1.0 (October 11, 2011): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Windows Media Center. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Media Center could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file. Continue r…

    Guest
    Last reply by Guest,
  3. Guest Microsoft Security

    MS11-074 - Important : Vulnerabilities in Microsoft SharePoint Could Allow Elevation of...

    by Guest Microsoft Security
    • 0 replies
    • 133 views

    Severity Rating: Important Revision Note: V1.3 (October 11, 2011): Announced changes to detection logic for some affected configurations. There were no changes to the security update files. See the Update FAQ for details. Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the In…

    Guest
    Last reply by Guest,
  4. Guest Microsoft Security

    MS11-072 - Important : Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution...

    by Guest Microsoft Security
    • 0 replies
    • 134 views

    Severity Rating: Important Revision Note: V1.1 (October 11, 2011): Announced a detection logic change for update KB2553094. There were no changes to the security update files. See the Update FAQ for details. Summary: This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative use…

    Guest
    Last reply by Guest,
  5. Guest ieblog

    Site Ready WebSockets

    by Guest ieblog
    • 0 replies
    • 33 views

    The Web gets richer and developers are more creative when sites and services can communicate and send notifications in real-time. WebSockets technology has made significant progress over the last nine months. The standards around WebSockets have converged substantially, to the point that developers and consumers can now take advantage of them across different implementations, including IE10 in Windows 8. You can try out a WebSockets test drive that shows real time, multiuser drawing that works across multiple browsers. What is WebSockets and what does it do? WebSockets enable Web applications to deliver real-time notifications and updates in the browser. Developers ha…

    Guest
    Last reply by Guest,
  6. Guest ieblog

    Windows Developer Preview: The Third IE10 Platform Preview

    by Guest ieblog
    • 0 replies
    • 34 views

    With the new IE10 engine included in the Windows Developer Preview, developers can work with more HTML5 technologies to build touch-friendly and beautiful interactive Web applications. This video shows some of the touch-friendly HTML5 technologies in the third IE10 Platform Preview, included with the Windows Developer Preview. Windows 8 includes one HTML5 browsing engine that powers two browsing experiences: the new Metro style browser and IE10 on the desktop. The common HTML5 engine provides strong support for Web standards and a consistently fast, safe, and powerful Web programming model for both browser experiences as well as for Metro style applications. You can …

    Guest
    Last reply by Guest,
  7. Guest ieblog

    Asynchronous Programming in JavaScript with “Promises”

    by Guest ieblog
    • 0 replies
    • 31 views

    Asynchronous patterns are becoming more common and more important to moving web programming forward. They can be challenging to work with in JavaScript. To make asynchronous (or async) patterns easier, JavaScript libraries (like jQuery and Dojo) have added an abstraction called promises (or sometimes deferreds). With these libraries, developers can use promises in any browser with good ECMAScript 5 support. In this post, we’ll explore how to use promises in your web applications using XMLHttpRequest2 (XHR2) as a specific example. Benefits and Challenges with Asynchronous Programming As an example, consider a web page that starts an asynchronous operation like XMLHttpR…

    Guest
    Last reply by Guest,
  8. Guest ieblog

    Online Tracking, Consumer Protection, and Web Standards

    by Guest ieblog
    • 0 replies
    • 35 views

    Today, the W3C announced the creation of a Tracking Protection Working Group to work on defining what tracking is, signaling user intent, and tracking protection lists. The W3C’s action here can help protect consumers from unwanted tracking. We welcome the opportunity to work with the industry and governments on a Web standard based on our earlier work. The Tracking Protection feature in IE9 provides a way for consumers to benefit today by restricting which sites on the Web get information from them. The W3C accepted and published Microsoft’s member submission for an Internet standard to help protect consumer privacy last February. IE9 supports the “Do-Not-Track” header…

    Guest
    Last reply by Guest,
  9. Guest ieblog

    Browsing Without Plug-ins

    by Guest ieblog
    • 0 replies
    • 154 views

    Because more and more browsing takes place on an ever wider variety of devices, and browsers on them, more and more consumers are browsing without plug-ins. Delivering a great site experience to consumers who browse the Web plug-in free is important work that sites must do to reach the widest audience. With HTML5, modern browsers and sites can deliver a great consumer experience even without plug-ins. “Plug-in” refers broadly to browser extensions that run native client code using low-level browser interfaces. For example, here is a basic description of Webkit’s approach the IE equivalents are ActiveX controls and Browser Helper Objects. Web sites use a wide variety of …

    Guest
    Last reply by Guest,
  10. Guest Microsoft Security

    MS10-070 - Important : Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) -...

    by Guest Microsoft Security
    • 0 replies
    • 136 views

    Severity Rating: Important Revision Note: V4.2 (October 26, 2011): Corrected Server Core installation applicability for .NET Framework 4 on Windows Server 2008 R2 for x64-based Systems. Summary: This security update resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft …

    Guest
    Last reply by Guest,
  11. Guest Microsoft Security

    MS11-075 - Important : Vulnerability in Microsoft Active Accessibility Could Allow Remote Code...

    by Guest Microsoft Security
    • 0 replies
    • 127 views

    Severity Rating: Important Revision Note: V1.2 (October 25, 2011): Revised the update file names for 32-bit and x64-based editions of Windows XP and Windows Server 2003, in accordance with the schema documented in Microsoft Knowledgebase Article KB816915. This is a change to file names only. There were no changes to the detection logic or update content. Customers who have already successfully installed this update do not need to take any action. Summary: This security update resolves a privately reported vulnerability in the Microsoft Active Accessibility component. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate…

    Guest
    Last reply by Guest,
  12. Guest Microsoft Security

    MS11-058 - Critical : Vulnerabilities in DNS Server Could Allow Remote Code Execution...

    by Guest Microsoft Security
    • 0 replies
    • 126 views

    Severity Rating: Critical Revision Note: V1.2 (October 25, 2011): Announced a change to detection logic and corrected bulletin replacement information for some affected configurations. There were no changes to the security update files. See the Update FAQ for details. Summary: This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk. Continue reading...

    Guest
    Last reply by Guest,
  13. Guest Microsoft Security

    MS11-082 - Important : Vulnerabilities in Host Integration Server Could Allow Denial of...

    by Guest Microsoft Security
    • 0 replies
    • 121 views

    Severity Rating: Important Revision Note: V1.0 (October 11, 2011): Bulletin published. Summary: This security update resolves two publicly disclosed vulnerabilities in Host Integration Server. The vulnerabilities could allow denial of service if a remote attacker sends specially crafted network packets to a Host Integration Server listening on UDP port 1478 or TCP ports 1477 and 1478. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. In this case, the Ho…

    Guest
    Last reply by Guest,
  14. Guest Microsoft Security

    MS11-080 - Important : Vulnerability in Ancillary Function Driver Could Allow Elevation of...

    by Guest Microsoft Security
    • 0 replies
    • 125 views

    Severity Rating: Important Revision Note: V1.0 (October 11, 2011): Bulletin published. Summary: This security update resolves a privately reported vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability. Continue reading...

    Guest
    Last reply by Guest,
  15. Guest ieblog

    Building Rich Text-Centric Pages in IE10

    by Guest ieblog
    • 0 replies
    • 90 views

    Internet Explorer 10 in the Windows Developer Preview introduces two new CSS features designed to make it easier for developers to create rich text-centric Web pages and apps. CSS3 Regions provides a lightweight mechanism to flow content through multiple non-contiguous areas. IE10’s support of CSS3 Hyphenation gives developers a simple mechanism to hyphenate text in a wide range of languages. These two new features complement other great CSS features we previously announced, including CSS3 Grid Layout, CSS3 Flexible Box Layout, CSS3 Multi-column Layout, and Positioned Floats. Taken together, this set of standards-based features provides developers powerful new tools …

    Guest
    Last reply by Guest,
  16. Guest ieblog

    Reminder: SVG Open 2011 October 17-20

    by Guest ieblog
    • 0 replies
    • 35 views

    SVG Open 2011, the 9th International Conference on Scalable Vector Graphics, is just over two weeks away. This year’s theme, “Where SVG Meets the Web,” underscores SVG’s inclusion in HTML5 and its growing importance on the Web. SVG is also the declarative vector graphics format for Windows 8 Metro style apps built using HTML. The conference is an annual showcase of SVG innovation bringing together the leaders who drive SVG forward. Microsoft is honored to host this year’s conference at our New England Research & Development Center in the heart of Cambridge, Massachusetts. Joining us as sponsors are Google, Adobe, IBM, Slippery Rock University, Rochester Institute of …

    Guest
    Last reply by Guest,
  17. Guest ieblog

    CSS3 text-shadow in IE10

    by Guest ieblog
    • 0 replies
    • 34 views

    IE10 in the Windows Developer Preview introduces support for hardware-accelerated CSS3 text-shadow. Text-shadow is one of the top requested features from Web developers. It enables text effects that were previously difficult or impossible to accomplish in a standards-friendly way without resorting to inline images of text. Text-Shadow in IE10 As its name suggests, text-shadow is a CSS property that draws a shadow behind text. Example of a purple text-shadow behind text Use it to draw attention to text and to give the text some depth. In some cases, especially with text over an image or color background, text-shadow can be used to add contrast and improve readabil…

    Guest
    Last reply by Guest,
  18. Guest ieblog

    Building Offline Experiences with HTML5 AppCache and IndexedDB

    by Guest ieblog
    • 0 replies
    • 34 views

    Users expect their Web sites and apps to work well even when the network isn't available. With data increasingly stored in the cloud, developers want to enable fluid experiences that allow access to data when there is no connectivity when devices are disconnected from the network or when they encounter dead spots in coverage. In this post, we show how to create well-behaved offline sites and apps using the following HTML5 features: AppCache to store file resources locally and access them offline as URLs IndexedDB to store structured data locally so you can access and query it DOM Storage to store small amounts of text information locally Offline events to detect if …

    Guest
    Last reply by Guest,
  19. Guest ieblog

    Touch Input for IE10 and Metro style Apps

    by Guest ieblog
    • 0 replies
    • 121 views

    The Web is more interactive, fun, and immersive when sites work well with new input devices and touch screens. The Windows Developer Preview introduces support for handling touch and pen input in your sites and apps. Developers can now ensure their sites work well with touch and build powerful new experiences that make the most of advanced input such as multi-touch and gestures. You can see this in action on the IE Test Drive site in the new and updated demos Touch Effects, Lasso Birds, and Flying Images. Handling touch-first input without compromising mouse “Windows 8” Metro style IE and applications bring a first-in-class touch experience to Windows and does so with…

    Guest
    Last reply by Guest,
  20. Guest Paul Cooke

    Protecting Browsers with Defense In Depth Techniques

    by Guest Paul Cooke
    • 0 replies
    • 35 views

    Posted on half of Pete LePage on the Internet Explorer team. Protecting Windows customers is an absolute priority for the Internet Explorer engineering team. That's why we work hard to make sure our browser has some of the best safety and privacy features available today. We've spent a lot of time talking about some of the more visible safety and privacy features like our SmartScreen Filter, that protects users from socially engineered malware and phishing attacks or the InPrivate features that put you in control of how you share your information. But there are a number of other features that aren't as visible and help prevent vulnerabilities from being exploited, tho…

    Guest
    Last reply by Guest,
  21. Guest Paul Cooke

    Vulnerability in Virtual PC?

    by Guest Paul Cooke
    • 0 replies
    • 34 views

    Earlier today, Core Security Technologies issued a security advisory for our Virtual PC (VPC) software. The advisory calls out a proof of concept where the virtual machine monitor allows memory pages above the 2GB level to be read from or written to by user-space programs running within a guest operating system. The advisory explicitly calls into question the effectiveness of many of the security hardening features of Windows, including DEP, SafeSEH, and ASLR. Folks are already starting to ask questions about this advisory, so I thought it would be best to answer them here. First and foremost, customers should rest assured that this advisory does not affect the security…

    Guest
    Last reply by Guest,
  22. Guest Paul Cooke

    Creating a Safer, More Trusted Internet

    by Guest Paul Cooke
    • 0 replies
    • 33 views

    The RSA Security Conference is underway this week in San Francisco and Microsoft's own Scott Charney, Corporate Vice President Trustworthy Computing, delivered one of yesterday's keynote addresses: Creating a Safer, More Trusted Internet. The keynote centered on Microsoft's Trustworthy Computing initiative, our End to End Trust vision, and how we have been working to further protect the security and privacy of for all the users of the Internet. The End to End Trust vision has not changed over the last couple of years and we don't anticipate it changing for some time. We continue to make progress along this vision and Scott outlined many areas where we are actively engage…

    Guest
    Last reply by Guest,
  23. Guest Paul Cooke

    Black Hat TPM Hack and BitLocker

    by Guest Paul Cooke
    • 0 replies
    • 42 views

    Last week at the Black Hat DC conference a presenter showed how one manufacturer's Trusted Platform Module (TPM) could be physically compromised to gain access to the secrets stored inside. Since that presentation, I have had plenty of questions from customers wanting to know how this might affect Windows. The answer? We believe that using a TPM is still an effective means to help protect sensitive information and accordingly take advantage of a TPM (if available) with our BitLocker Drive Encryption feature in Windows 7. The attack shown requires physical possession of the PC and requires someone with specialized equipment, intimate knowledge of semiconductor design, and…

    Guest
    Last reply by Guest,
  24. Guest Paul Cooke

    Windows BitLocker Claims

    by Guest Paul Cooke
    • 0 replies
    • 31 views

    Windows 7 is seeing success in the marketplace which I am very happy about from a security perspective. The Microsoft Security Intelligence Report has shown us again and again that the more up-to-date a PC is, the less likely it is to be infected by malware and other potentially dangerous software. So Windows 7 making strides is helpful to the ecosystem overall from a security standpoint. Success comes at a price though, through greater scrutiny and misinterpretation of some of the technologies. One of those technologies is BitLocker. I've seen numerous claims the past few weeks about weaknesses in BitLocker and even claims of commercial software that "breaks" BitLocker.…

    Guest
    Last reply by Guest,
  25. Guest Microsoft Security

    MS11-069 - Moderate : Vulnerability in .NET Framework Could Allow Information Disclosure...

    by Guest Microsoft Security
    • 0 replies
    • 133 views

    Severity Rating: Moderate Revision Note: V1.2 (October 26, 2011): Corrected Server Core installation applicability for .NET Framework 4 on Windows Server 2008 R2 for x64-based Systems. Summary: This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow information disclosure if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided conten…

    Guest
    Last reply by Guest,
×
×
  • Create New...