3050995 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 2.0

Posted on Thursday March 26, 2015  |  security alerts

Revision Note: V2.0 (March 26, 2015): Advisory rereleased to announce that the update for supported editions of Windows Server 2003 is now available. See Microsoft Knowledge Base Article 3050995 for more information and download links.
Summary: Microsoft is aware of improperly issued digital certificates coming from the subordinate CA, MCS Holdings, which could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The improperly issued certificates cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows.

 

3046310 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 2.0

Posted on Thursday March 19, 2015  |  security alerts

Revision Note: V2.0 (March 19, 2015): Advisory rereleased to announce that the update for supported editions of Windows Server 2003 is now available. See Knowledge Base Article 3046310 for more information and download links.
Summary: Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

 

3046015 - Vulnerability in Schannel Could Allow Security Feature Bypass - Version: 2.0

Posted on Tuesday March 10, 2015  |  security alerts

Severity Rating: Important
Revision Note: V2.0 (March 10, 2015): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of a vulnerability. We have issued Microsoft Security Bulletin MS15-031 to address this issue. For more information about this issue, including download links for an available security update, please review the security bulletin. The vulnerability addressed is the Schannel Security Feature Bypass Vulnerability - CVE-2015-1637.

 

3033929 - Availability of SHA-2 Code Signing Support for Windows 7 and Windows Server 2008 R2 - Version: 1.0

Posted on Tuesday March 10, 2015  |  security alerts

Revision Note: V1.0 (March 10, 2015): Advisory published.
Summary: Microsoft is announcing the reissuance of an update for all supported editions of Windows 7 and Windows Server 2008 R2 to add support for SHA-2 signing and verification functionality. This update supersedes the 2949927 update that was rescinded on October 17, 2014 to address issues that some customers experienced after installation. As with the original release, Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT, and Windows RT 8.1 do not require this update as SHA-2 signing and verification functionality is already included in these operating systems. This update is not available for Windows Server 2003, Windows Vista, or Windows Server 2008.

 

3004375 - Update for Windows Command Line Auditing - Version: 1.0

Posted on Tuesday February 10, 2015  |  security alerts

Revision Note: V1.0 (February 10, 2015): Advisory published.
Summary: Microsoft is announcing the availability of an update for supported editions of Windows 7, Windows 8, Windows Server 2008R2 and Windows Server 2012 that expands the Audit Process Creation policy to include the command information passed to every process. This is a new feature that provides valuable information to help administrators monitor, troubleshoot, and investigate security-related activities on their networks. For more information, see Microsoft Knowledge Base Article 3004375.

 

3010060 - Vulnerability in Microsoft OLE Could Allow Remote Code Execution - Version: 2.0

Posted on Tuesday November 11, 2014  |  security alerts

Revision Note: V2.0 (November 11, 2014): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of a vulnerability. We have issued Microsoft Security Bulletin MS14-064 to address this issue. For more information about this issue, including download links for an available security update, please review the security bulletin. The vulnerability addressed is the Windows OLE Remote Code Execution Vulnerability - CVE-2014-6352.

 

Page:   1...259260261262263264265

Celebrating 30 Years

Managed Computer Support Services

Contact Us