|
Home > News > Tags > 0-day
|
|
30
While a security update for the Critical zero-day vulnerability in Windows kernel exploited by the Duqu malware is not yet available, Microsoft has reacted quite fast to enable customers to at least deploy a temporary solution until it releases an official patch. The automatic fix currently being offered to all Win... |
4 November 2011
04:06 GMT |
 |
|
Microsoft is hard at work to patch a zero-day security vulnerability that was confirmed to play a key role in recent attacks involving the Duqu malicious code. Believed to be related to Stuxnet, Duqu infects machines by exploiting a previously unknown vulnerability in the Windows kernel. The new piece of malware w... |
2 November 2011
06:30 GMT |
|
|
Zero-day vulnerabilities accounted only for an insignificant volume of infections in the first half of 2011, Microsoft revealed in the Security Intelligence Report volume 11 (SIRv11).
The report took in consideration only top malware families detected by the Malicious Software Removal Tool (MSRT) between January ... |
12 October 2011
06:38 GMT |
|
|
Microsoft will plug a zero-day security hole in Internet Explorer that can allow potential attackers to steal session cookies from users even though it has made it clear that it doesn’t consider the vulnerability as posing a high risk to customers, and without having detected active attacks in the wild. The on... |
30 May 2011
06:25 GMT |
|
|
With the February 2011 release of the Microsoft security bulletins, Internet Explorer users are receiving patches for no less than four vulnerabilities impacting the various supported versions of IE. Most importantly, Microsoft Security Bulletin MS11-003 Cumulative Security Update for Internet Explorer (2482017) bri... |
9 February 2011
07:28 GMT |
|
|
The Zero Day Initiative (ZDI) team at HP TippingPoint has published details on no less than five zero-day security vulnerabilities impacting Microsoft Office. Back in August 2010, ZDI’s Aaron Portnoy was announcing a change in the Disclosure Policy of the vulnerability research outfit. Essentially, ZDI publis... |
8 February 2011
14:31 GMT |
|
|
Microsoft shared details of workarounds that Windows users can implement to protect themselves against exploits targeting a new zero-day vulnerability which allows attackers to steal information from users. The company confirmed reports of the newly discovered Windows security hole, as well as the fact that both pub... |
29 January 2011
05:42 GMT |
|
|
While confirming that details on a Critical zero-day vulnerability have made their way into the wild, Microsoft noted that customers running the latest iteration of Windows client and server platforms are not exposed to any risks. The newly reported security flaw resides in the Windows Graphics Rendering Engine and ... |
5 January 2011
04:52 GMT |
|
|
Microsoft confirmed to Softpedia that it is investigating reports of a zero-day vulnerability impacting Internet Explorer. The issue has been detected using cross_fuzz, a browser fuzzing tool released by Google Researcher Michal Zalewski on January 1st, 20120. Jerry Bryant, group manager, response communications, T... |
3 January 2011
05:40 GMT |
|
|
Microsoft has confirmed a zero-day vulnerability affecting all supported versions of Internet Explorer, including IE8, IE7 and IE6. The Redmond company explains that the security flaw involves the creation of uninitialized memory during a CSS function within the browser. “It is possible under certain condition... |
23 December 2010
04:58 GMT |
|
|
A Critical zero-day vulnerability affecting all supported versions of Internet Explorer will be patched on December 14th, 2010, as a part of the Microsoft’s monthly patch release cycle. The 0-day flaw impacting IE6, IE7 and IE8 has been exploited in the wild since November when the first details and proof-of-c... |
10 December 2010
06:52 GMT |
|
|
Microsoft plans to release patches for a massive 40 vulnerabilities impacting a range of its products in the week of December 20th, 2010.It’s the Redmond company’s last Patch Tuesday and the software giant is closing the year with a veritable ‘bang’ of security bulletins. Users needing to pl... |
10 December 2010
06:48 GMT |
|
|
Details of a zero-day vulnerability impacting Windows 7 but also Windows Vista and Windows XP have been published in the wild.
Security outfit Prevx discovered the new unpatched security flaw in Windows and shared the details with the world, revealing that successful exploits can get an attacker to elevate the p... |
25 November 2010
08:23 GMT |
|
|
Microsoft has moved extremely fast after public reports of a new Critical zero-day vulnerability affecting Internet Explorer emerged, and the company is already offering multiple fixes for the security flaw. On November 2nd, 2010 Microsoft confirmed a security hole impacting Internet Explorer 6, Internet Explorer 7 ... |
4 November 2010
05:48 GMT |
|
|
As a rule, Microsoft does not offer support for pre-release software still in development, with early adopters needing to fend for themselves. But there are exceptions, and an illustrative example in this regard is the patch offered for the first Critical 0-day vulnerability affecting Windows 7 Service Pack 1 (SP1). ... |
3 August 2010
03:39 GMT |
|
|
Malicious software in the wild is evolving with new capabilities designed to allow it to exploit the Critical 0-day vulnerability affecting all supported versions of Windows, and even Windows 7 SP1 Beta and Windows Server 2008 R2 SP1 Beta. According to information supplied by the Redmond company, Win32/Vobfus and Ch... |
26 July 2010
06:13 GMT |
|
|
The first service pack for Windows 7 and Windows Server 2008 is still over half a year away from finalization, but Microsoft is bound to start patching it soon enough. At the end of the past week, the software giant confirmed a Critical zero-day vulnerability affecting all supported editions of Windows client and ser... |
19 July 2010
03:31 GMT |
|
|
Microsoft is warning that the volume of attacks in the wild targeting the Windows Help and Support Center vulnerability (CVE-2010-1885) has increased since the advisory was initially made public on June 10th. The Redmond company, which is actively monitoring the situation, has yet to provide a patch for the security ... |
1 July 2010
07:30 GMT |
|
|
A Critical zero-day vulnerability discovered and made public by a Google employee will be patched as soon as possible, Microsoft has revealed, indicating that it has already started working on a security update. The flaw, which apparently resides in the Windows Help and Support Center function of both Windows XP and ... |
11 June 2010
10:42 GMT |
|
|
The latest version of SharePoint Server, released concomitantly with Office 2010 RTM, does not contain the vulnerable code of a zero-day security flaw in SharePoint Server 2007 and Windows SharePoint Services 3.0. Microsoft is hard at work investigating reports of a previously undisclosed SharePoint vulnerability tha... |
30 April 2010
07:26 GMT |
|
|
Microsoft has been hard at work building a patch for a zero-day security vulnerability affecting older versions of Internet Explorer. The security hole was first confirmed in the first half of this month, with the company indicating that a patch had been in the works as of mid-March. At that time, the software giant ... |
30 March 2010
05:52 GMT |
|
|
Microsoft is moving fast with the development of a security update designed to plug a zero-day hole that affects older versions of Internet Explorer such as IE6 and IE7. The Redmond company doesn’t offer users a patch yet, but it has made the next best thing available. Customers running IE6 and IE7 on top of Wi... |
15 March 2010
06:51 GMT |
|
|
The latest zero-day vulnerability affecting Internet Explorer provides yet another reason for customers running older releases of IE to upgrade to the most recent version. According to Microsoft, Internet Explorer 8 users are protected by default against exploits targeting a new vulnerability, but the same cannot be ... |
10 March 2010
04:54 GMT |
|
|
Microsoft has warned customers running Internet Explorer that details on a new zero-day vulnerability have been made available in the wild. The company emphasized that it had not detected any attacks or exploits targeting the newly discovered security hole, and that it is hard at work on producing a patch. The compan... |
4 February 2010
06:59 GMT |
|
|
Microsoft has released the second security bulletin for 2010, after what it appeared to be a slow start for the Redmond company. In the first half of January, the company offered a single bulletin addressing vulnerabilities in supported Windows platforms. In this regard, Microsoft Security Bulletin MS10-002 rated Cri... |
22 January 2010
03:35 GMT |
|
|
Microsoft is not going to wait for its next patch cycle release in February in order to provide an update for a security vulnerability affecting Internet Explorer. George Stathakopoulos, general manager, MSRC, has confirmed officially that the software giant will release an out-of-band security update for Internet Ex... |
20 January 2010
06:51 GMT |
|
|
Microsoft recommends that users of older releases of its browser upgrade to Internet Explorer 8 in order to leverage the version’s advanced security features and mitigations and be better protected against exploits targeting a new 0-day security vulnerability in IE. In addition, the Redmond company notes that u... |
19 January 2010
10:05 GMT |
|
|
After it confirmed that it was investigating reports in the wild of a zero-day(0-day) security hole affecting Internet Information Services (IIS), Microsoft is now saying that it wrapped up the investigation and that no vulnerability was found. Instead of the alleged security vulnerability, the Redmond company noted... |
30 December 2009
05:13 GMT |
|
|
Customers already running the latest iteration of the Windows client, Windows 7, along with the Internet Explorer 8 are safe from potential exploits targeting a zero-day vulnerability in older releases of Internet Explorer, according to Microsoft. In an email message to Softpedia, Alan Wallace, security response... |
24 November 2009
03:44 GMT |
|
|
Details on a zero-day vulnerability affecting Internet Explorer are currently available in the wild, having been published to the BugTraq mailing list last week. So far, Microsoft has not commented on the exploit code made available in the wild, but security company Symantec has confirmed that it is fully functional... |
23 November 2009
07:56 GMT |
|
|
Microsoft has reacted rapidly to public reports of a zero-day denial-of-service vulnerability in its latest iterations of the Windows client and server operating systems, and is providing customers with guidance on how to block potential attempts to take advantage of the security flaw. In this regard, the Redmond com... |
14 November 2009
07:04 GMT |
|
|
Microsoft has added protection against exploits targeting a vulnerability in the Server Message Block (SMB) implementation in mere hours. However, only customers running the Forefront TMG Network Inspection System can breathe easy. The Redmond-based company informed that the protection against the Critical zero-day v... |
10 September 2009
04:35 GMT |
|
|
Microsoft has offered official confirmation of a new zero-day vulnerability impacting various releases of Internet Information Services (IIS). The security flaw resides in the FTP service, explained Alan Wallace, senior communications manager for the security response communications team at Microsoft, noting that in ... |
2 September 2009
10:01 GMT |
|
|
Microsoft has confirmed that it is aware of what Christopher Budd, security response communications lead for the company, referred to as limited, active attacks that exploited a zero-day Critical vulnerability affecting Video ActiveX control. Budd pointed out that only users running Windows XP and Windows Server 2003... |
7 July 2009
08:38 GMT |
|
|
Windows 7 RC, as well as its precursor, Windows Vista, and the R2 and RTM/SP1 releases of Windows Server 2008 are immune to a zero-day vulnerability affecting DirectX on older versions of Windows. The security hole makes Windows 2000 Service Pack 4, Windows XP (including SP2 and SP3), and Windows Server 2003 vulnerab... |
29 May 2009
07:19 GMT |
|
|
Microsoft has officially confirmed attacks targeting a Critical 0-day vulnerability affecting various releases of Office Excel. According to the Redmond company the vulnerability is actively being exploited in the wild, and a patch is in the works, although no security update is available as of yet to resolve the fla... |
25 February 2009
04:06 GMT |
|
|
It is just a little over two months since the first public testing milestone for Internet Explorer was made available outside of Redmond, and a critical 0-day security vulnerability impacting the browser has already been released in the wild. Security researcher Aviv Raff has tucked away an exploit somewhere on his b... |
9 May 2008
09:36 GMT |
|
|
|
|
Find us on Google+
