Microsoft Support & Discussions

Severity Rating: Critical Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Continue reading...

Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update helps to resolve an information disclosure vulnerability in Microsoft Windows, Internet Explorer, and Microsoft Office. To exploit the vulnerability an attacker would first have to use another vulnerability in Internet Explorer to execute code in the sandboxed process. The attacker could then execute Notepad, Visio, PowerPoint, Excel, or Word with an unsafe command line parameter to effect information disclosure. To be protected from the vulnerability, customers must apply the updates provided in this bulletin, as well as the update for Internet Explorer p…

Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application or convinces a user to open a specially crafted file that invokes a vulnerable sandboxed application, allowing an attacker to escape the sandbox. Continue reading...

Mozilla's Firefox 40 for Windows 10 includes built-in browser-choice mechanisms meant to unseat Microsoft's Edge and Bing search engine defaults. After complaining that Microsoft has made choosing a browser other than its own Edge too difficult with Windows 10, Firefox officials have taken browser-choice into their own hands. Firefox 40 for Windows 10, made generally available on August 11, includes new "support materials to show you how to restore or choose Firefox as your default browser in Windows 10." The new Firefox for Windows 10 goes further. When Windows 10 users look to the Cortana search box built into the task bar, web searches done from that searc…

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Continue reading...

Severity Rating: None Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker inserts a malicious USB device into a target system. An attacker could then write a malicious binary to disk and in certain situations execute it. Continue reading...

Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker inserts a malicious USB device into a target system. An attacker could then write a malicious binary to disk and in certain situations execute it. Continue reading...

Severity Rating: Critical Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Continue reading...

Severity Rating: Critical Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Continue reading...

Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system with Remote Desktop Protocol (RDP) enabled. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk. Continue reading...

Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker engineered a cross-site scripting (XSS) scenario by inserting a malicious script into a webpage search parameter. A user would have to visit a specially crafted webpage where the malicious script would then be executed. Continue reading...

Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft System Center Operations Manager. The vulnerability could allow elevation of privilege if a user visits an affected website by way of a specially crafted URL. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes users to the affected website. Continue reading...

Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves a vulnerability affected software Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted file that invokes the vulnerable sandboxed application. Continue reading...

Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft .NET Framework. The vulnerabilities could allow elevation of privilege if a user runs a specially crafted .NET application. However, in all cases, an attacker would have no way to force users to run the application; an attacker would have to convince users to do so. Continue reading...

Severity Rating: Critical Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, and Microsoft Silverlight. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded TrueType fonts. Continue reading...

Introduction Today Microsoft released update MS15-085 to address CVE-2015-1769, an important severity security issue in Mount Manager. It affects both client and server versions, from Windows Vista to Windows 10. The goal of this blog post is to provide information on the detection guidance to help defenders detect attempts to exploit this issue.

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team

Over the past few weeks, there’s been a lot of talk about Windows 10 privacy. Some are skeptical that Microsoft hasn’t taken a step back from heavily monitoring the Insider builds following the upgrade to RTM. Others are concerned of Microsoft being vague about exactly what user information it collects from its new operating system, which it’s handing out for free, with the goal of getting on a billion PCs, so that it can sell that info to the NSA for big bucks. Things are getting out of hand. This is Windows, and its nature has always been to give users options. That remains true in Windows 10. If you are concerned about your privacy while using Windows 10, here’s wha…

It pleases me to say that I was the first person to tell Pip Marlow about the blockbuster film “Mad Max: Fury Road.” “I haven’t seen it, to be honest,” she said. “But I saw the original ‘Mad Max,’ years ago.” Presented with such an opportunity—to waste the time of the executive in charge of Microsoft’s overall business in Australia with a hardcore geek’s synopsis of a post-apocalyptic action movie—one would think I’d start babbling on about stunt performers, tricked-out muscle cars and electric guitars that shoot fire. Instead, I told Marlow about a minor controversy that erupted around the film’s release in the United States: A blogger representing the so-called “M…

VLC for Windows 10 gets a new name, hundreds of bugfixes, and cool new features VLC for Windows has been updated for Windows 10, now featuring a new name. Having previously been called VLC for Windows 8, the app is now referred to as VLC for Windows Store. "It’s been a long time since we updated the VLC app on the Windows Store. Last update was released on May, 19th, and April 23rd on Windows Phone. Today, we’re releasing an update on VLC for Windows 8.1 and Windows 10. It has been optimized to run flawlessly on Windows 10. This new version brings tons of changes and bugfixes," app developer Thomas Nigro stated in an official blog post. So what's new in this majo…

Audiobooks change the way you enjoy your favorite books and discover new ones in many ways, from how the text comes alive to the freedom you have as you’re “reading.” Audiobooks from Audible, the premier online provider of digital audiobooks and more, just brought its great selection and impressive features to Windows 10 in their new Universal Windows App. Windows 10 features users will enjoy: • Download over 180,000 professionally-narrated audiobooks and periodicals to your device • Pick up where you left off: sync your last position heard across all of your devices • Control your listening experience with Cortana voice commands and button-free mode • Naviga…

August seems to have crept up on us, and its first week has brought some exciting news for gamers, Windows 10 users, music fans, Microsoft employees and plenty of others around the globe. We’ve rounded up the highlights for this latest edition of Weekend Reading. Microsoft made a splash at gamescom 2015, the world’s biggest interactive games and entertainment expo, by unveiling new footage for some highly anticipated games for Xbox and Windows 10. The company debuted world-premiere gameplay of “Crackdown 3,” “Scalebound” and “Killer Instinct Season 3,” alongside a new gameplay demo of the eagerly awaited “Quantum Break.” Xbox also announced the launch dates of Xbox …