Microsoft Updates for Multiple Vulnerabilities
Source: US-CERT
As part of the Microsoft Security Bulletin Summary for March 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows and Windows Server.
A remote, unauthenticated attacker could gain elevated privileges, poison the DNS cache, execute arbitrary code, or cause a vulnerable application to crash.
Solution
Microsoft has provided updates for these vulnerabilities in the Microsoft [...]
Read More About - Microsoft Updates for Multiple Vulnerabilities »
Active Exploitation of Microsoft Internet Explorer 7 Vulnerability
US-CERT is aware of a public report indicating active exploitation of a previously patched vulnerability in Microsoft Internet Explorer 7. This vulnerability was addressed in Microsoft Security Advisory MS09-002. Additional information is available in US-CERT Technical Cyber Security Alert TA09-041A.
US-CERT encourages users to apply the update or workarounds as specified in Microsoft Security Advisory MS09-002. [...]
Read More About - Active Exploitation of Microsoft Internet Explorer 7 Vulnerability »
Microsoft Updates for Multiple Vulnerabilities
Systems Affected:
* Microsoft Internet Explorer
* Microsoft Office Visio
* Microsoft Exchange and SQL Server
Overview
Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
I. Description
As part of the Microsoft Security Bulletin Summary for February 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, Exchange Server, SQL Server, Office, and other [...]
Read More About - Microsoft Updates for Multiple Vulnerabilities »
White House (.gov) Email Down Due to Microsoft
The new White House team found out there email systems were down for most of the day on Monday. Press Secretary Robert Gibbs mad the announcement of the technical difficulties at his 1:30 p.m. briefing. He apologized for the e-mail silence and blamed it on a Mircrosoft Outlook server.
Both incoming and outgoing email were [...]
Read More About - White House (.gov) Email Down Due to Microsoft »
Microsoft Windows Does Not Disable AutoRun Properly
National Cyber Alert System
Technical Cyber Security Alert TA09-020A
Microsoft Windows Does Not Disable AutoRun Properly
Source: US-CERT
Systems Affected
Microsoft Windows
Overview
Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft’s guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.
I. Description
Microsoft Windows includes an AutoRun feature, which can automatically [...]
Read More About - Microsoft Windows Does Not Disable AutoRun Properly »
Microsoft Technical Cyber Security Alerts Multiple SMB Protocol Vulnerabilities
Original release date: January 13, 2009
Source: US-CERT
Systems Affected
Microsoft Windows 2000, XP, and Vista
Microsoft Windows Server 2000, 2003, and 2008
Overview
Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
I. Description
In their bulletin for January 2009, Microsoft released updates to address vulnerabilities in the Server Message Block (SMB) Protocol that affects all supported versions [...]
Read More About - Microsoft Technical Cyber Security Alerts Multiple SMB Protocol Vulnerabilities »
Protect Your Computer From Microsoft
Microsoft
Microsoft Security
4 steps to protect your computer
Step 1. Keep your firewall turned on
What is a firewall?
A firewall helps protect your computer from hackers who might try to delete information, crash your computer, or even steal your passwords or credit card numbers. Make sure your firewall is always turned on.
• How to turn on your firewall
• [...]