Severity: High Summary: These vulnerabilities affect: All current versions of Windows (and related components like the .NET Framework and VBScript Engine) How an attacker exploits them: Multiple vectors of attack, including luring users to malicious web sites or into viewing malicious vector graphics Impact: In the worst case, an attacker can gain complete control of your … [Read more...]
Two IIS Information Disclosure Vulnerabilities
Severity: Medium Summary: These vulnerabilities affect: The IIS FTP service running on Windows Vista, 2008, 7, and 2008 R2 How an attacker exploits them: By sending specially crafted FTP commands or accessing a local log file Impact: In the worst case, a local attacker can learn the credentials for a local account What to do: Deploy the appropriate IIS update at your … [Read more...]
Eleven Windows Bulletins Patch Many Critical Vulnerabilities
Critical SMB, OLE, and .NET Flaws Corrected Severity: High 14 June, 2011 Summary: These vulnerabilities affect: All current versions of Windows and components that ship with it (as well as some optional components like .NET Framework) How an attacker exploits them: Multiple vectors of attack, including sending specially crafted network traffic or enticing your users to view … [Read more...]
Thirteen Windows Bulletins Patch 18 Security Holes
Critical SMB, DNS, and ActiveX Flaws Corrected Severity: High 12 April, 2011 Summary: These vulnerabilities affect: All current versions of Windows and components that ship with it How an attacker exploits them: Multiple vectors of attack, including sending specially crafted network traffic or enticing your users to view malicious images Impact: Various results; in the … [Read more...]
Nine Windows Bulletins Correct 15 Security Vulnerabilities
Malicious Thumbnails and Fonts Help Attackers Hack Windows Severity: High 8 February, 2011 Summary: These vulnerabilities affect: All current versions of Windows and components that ship with it How an attacker exploits them: Multiple vectors of attack, including enticing your users into opening specially crafted files, or visiting malicious websites or file shares Impact: … [Read more...]