Microsoft Advisories
Tuesday, 09 June 2009 Severity Rating: Critical - Revision Note: Bulletin published. Summary: This security update resolves several privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Tuesday, 09 June 2009 Severity Rating: Critical - Revision Note: Bulletin published. Summary: This security update resolves two privately reported vulnerabilities in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003, and Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003. The more severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Thursday, 28 May 2009 Revision Note: Advisory published. Summary: Microsoft is investigating new public reports of a new vulnerability in Microsoft DirectX. The vulnerability could allow remote code execution if a user opens a specially crafted QuickTime media file. Microsoft is aware of limited, active attacks that use this exploit code. While our investigation is ongoing, our investigation so far has shown that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not vulnerable. Microsoft has activated its Software Security Incident Response Process (SSIRP) and is continuing to investigate this issue.
Tuesday, 26 May 2009 Severity Rating: Critical - Revision Note: V1.1 (May 26, 2009): Added an entry in the section, Frequently Asked Questions (FAQ) Related to This Security Update, to announce a detection change. The detection no longer offers the MS06-019 and MS06-029 updates, but instead will only offer MS07-026. There were no changes to the binaries. Customers who have already successfully installed the MS07-026 update do not need to reinstall. Summary: This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We recommend that customers apply the update immediately.
Tuesday, 26 May 2009 Severity Rating: Critical - Revision Note: V3.0 (May 26, 2009): Added an entry in the section, Frequently Asked Questions (FAQ) Related to This Security Update, to announce a detection change to the update for Microsoft Exchange Server 2003 Service Pack 2 (KB959897). This is a detection change only. There were no changes to the security update files in this bulletin. Customers who have already installed the KB959897 update successfully do not need to reinstall. Summary: This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges. The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could cause the Microsoft Exchange System Attendant service and other services that use the EMSMDB32 provider to stop responding.
Wednesday, 20 May 2009 Severity Rating: Critical - Revision Note: V1.2 (May 20, 2009): Added entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update, to communicate that the associated Microsoft Knowledge Base Article 921606 and Microsoft Knowledge Base Article 933399 have been updated with regards to the expected installation behavior for certain update files. This is an informational change only. Summary: This security update resolves two publicly disclosed vulnerabilities and two privately reported vulnerabilities in Microsoft WordPad and Microsoft Office text converters. The vulnerabilities could allow remote code execution if a specially crafted file is opened in WordPad or Microsoft Office Word. Do not open Microsoft Office, RTF, Write, or WordPerfect files from untrusted sources using affected versions of WordPad or Microsoft Office Word.
Wednesday, 13 May 2009 Revision Note: V1.1 (May 13, 2009): Removed an erroneous note for MS09-017 pertaining to security updates KB969618 and KB957789 for supported versions of Microsoft Office PowerPoint 2007. Summary: This bulletin summary lists security bulletins released for May 2009.
Tuesday, 12 May 2009 Revision Note: V2.0 (May 12, 2009): Advisory updated to reflect publication of security bulletin. Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-017 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-017. The vulnerability addressed is the Memory Corruption Vulnerability - CVE-2009-0556.
Tuesday, 12 May 2009 Severity Rating: Important - Revision Note: V2.0 (May 12, 2009): Added an entry in the section, Frequently Asked Questions (FAQ) Related to This Security Update, explaining a detection change. As a result of this change, the MS08-066 update may be offered to affected systems running supported editions of Windows Server 2003 in a non-DNS server role. Microsoft recommends that customers offered the MS08-066 update apply the update at the earliest opportunity. Summary: This security update resolves two privately reported vulnerabilities and two publicly disclosed vulnerabilities in Windows DNS server and Windows WINS server. These vulnerabilities could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems.
Thursday, 07 May 2009 Severity Rating: Critical - Revision Note: V4.0 (May 7, 2009): Bulletin updated: Added as affected software: Microsoft .NET Framework 1.0 (KB928367) on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit editions of Windows Server 2008 Service Pack 2; Microsoft .NET Framework 1.1 (KB929729) on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit, x64-based, and Itanium-based editions of Windows Server 2008 Service Pack 2. This is a detection change only; there were no changes to the binaries. Customers who have already successfully installed KB928367 or KB929729 do not need to reinstall. Summary: This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems with .NET Framework installed, and one could allow information disclosure on Web servers running ASP.NET. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.