Severity: Medium Summary: These vulnerabilities affect: Lync Server and .NET Framework How an attacker exploits them: Various, including by sending maliciously crafted packets or launching specially crafted calls Impact: An attacker could slow down or disrupt connections to the server, or stop it from responding at all. What to do: Install the appropriate Microsoft patches … [Read more...]
Windows Updates Fix GDI+, RDP, and TCP Vulnerabilities
Severity: High Summary: These vulnerabilities affect: All current versions of Windows (and related components like XML Core Services) How an attacker exploits them: Multiple vectors of attack, including enticing you to malicious web sites, or into interacting with malicious documents or images. Impact: In the worst case, an attacker can gain complete control of your Windows … [Read more...]
Office Updates Include Patches for SharePoint Vulnerabilities
Severity: High Summary: These vulnerabilities affect: Microsoft Office and related products like SharePoint Server How an attacker exploits them: Varies. Typically by enticing users to open or interact with maliciously crafted Office documents, or interacting with web resources Impact: Many. In the worst case, an attacker can gain complete control of your Windows … [Read more...]
Paranoia 2014 – WSWiR Episode 100
Word 0day, Cisco DoS, and Bricked Androids My weekly InfoSec summary arrives bit late this time due to business travel. Last week, I spoke at Watchcom's Paranoia conference in Oslo Norway, so I couldn't post my security news summary until the weekend. Nonetheless, why not start your week off by quickly catching up on last week's news. This week's episode includes a quick … [Read more...]
Windows Updates Fix Code Execution, DoS, and Privilege Elevation Flaws
Severity: High Summary: These vulnerabilities affect: All current versions of Windows (and related components like the .NET Framework and VBScript Engine) How an attacker exploits them: Multiple vectors of attack, including luring users to malicious web sites or into viewing malicious vector graphics Impact: In the worst case, an attacker can gain complete control of your … [Read more...]