Blog

Tag Search: security alerts

4010983 - Vulnerability in ASP.NET Core MVC 1.1.0 Could Allow Denial of Service - Version: 1.0

Posted on Friday January 27, 2017  |  security alerts

Revision Note: V1.0 (January 27, 2017): Advisory published.
Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.1.0. This advisory also provides guidance on what developers can do to update their applications correctly.

 

3214296 - Vulnerabilities in Identity Model Extensions Token Signing Verification Could Allow Elevation of Privilege - Version: 1.0

Posted on Tuesday January 10, 2017  |  security alerts

Revision Note: V1.0 (January 10, 2017): Advisory published.
Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public version of Identity Model Extensions 5.1.0. This advisory also provides guidance on what developers can do to help ensure that their apps are updated correctly.

 

3181759 - Vulnerabilities in ASP.NET Core View Components Could Allow Elevation of Privilege - Version: 1.0

Posted on Tuesday September 13, 2016  |  security alerts

Revision Note: V1.0 (September 13, 2016): Advisory published.
Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.0.0. This advisory also provides guidance on what developers can do to help ensure that their applications are updated correctly.

 

3174644 - Updated Support for Diffie-Hellman Key Exchange - Version: 1.0

Posted on Tuesday September 13, 2016  |  security alerts

Revision Note: V1.0 (September 13, 2016): Advisory published. Summary:

 

3179528 - Update for Kernel Mode Blacklist - Version: 1.0

Posted on Tuesday August 09, 2016  |  security alerts

Revision Note: V1.0 (August 9, 2016): Click here to enter text. Summary: Microsoft is blacklisting some publically released versions of securekernel.exe. This advisory includes a list of hashes for specific operating systems that are on the blacklist

 

2880823 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0

Posted on Wednesday May 18, 2016  |  security alerts

Revision Note: V2.0 (May 18, 2016): Advisory updated to provide links to the current information regarding the use of the SHA1 hashing algorithm for the purposes of SSL and code signing. For more information, see Windows Enforcement of Authenticode Code Signing and Timestamping.
Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of SSL and code signing after January 1, 2016. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

 

Page:   123456789

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016