If you manage Windows networks, you know what time it is... time for Microsoft's monthly list of security updates. Microsoft Patch day has gone live, and you can find a listing of today's security bulletins in their June Patch Day summary page. As expected, they released five security bulletins, one for Internet Explorer (IE), three for Windows and its components, and one for … [Read more...]
SharePoint Suffers from XSS and Information Disclosure Flaws
Summary: These vulnerabilities affect: SharePoint Server, Groove Server, Office Web Apps, and InfoPath 2010, which are all part of Microsoft's Office family products How an attacker exploits them: Multiple vectors of attack, including luring your users to a malicious link, or by visiting a specific address on a vulnerable server Impact: In the worst case, an attacker can … [Read more...]
Four Updates Repair Office and Server Software Vulnerabilities
Severity: High Summary: These vulnerabilities affect: Microsoft Office related products, including Word, Works, Sharepoint, InfoPack, Communicator, Lync, Groove, and more How an attacker exploits them: Multiple vectors of attack, including enticing users to click specially crafted links, or to open specially crafted documents Impact: In the worst case, an attacker can gain … [Read more...]
Microsoft Black Tuesday: Office, Windows, and SQL Server Updates
Like clockwork, Microsoft's Patch Tuesday has gone live. This month Microsoft seems to be focusing on Office and their Server Software, with the Windows updates posing only a moderate risk. As promised, Microsoft released seven bulletins fixing vulnerabilities in several of their products. The affected software includes: Word and the Word Viewer Works 9 SQL … [Read more...]