Microsoft: Patch now or face attacks
Microsoft today shipped four bulletins with patches for at least 8 documented security vulnerabilities affecting Windows users and warned that “consistent exploit code could be easily crafted” to launch attacks via the Internet Explorer browser.
microsoft -
comments -
10.2.2009 Shrinking patch windows hit by automated attacks
The length of time between the development of security patches and the development of exploits targeting the security holes they address has been dropping for some time.
windows -
comments -
21.4.2008 Microsoft customers face 64bit question
How will buyers react as the software giant makes key future applications 64bit only?
Microsoft?s decision to make Exchange and other key future products exclusive to 64bit servers could delay buyers switching to the new programs.
Earlier this month, Microsoft said that ?to help customers take full advantage of the power of 64bit computing?, forthcoming products including Exchange Server 12, the Centro infrastructure software for mid-sized firms and the R2 update to Windows Server Longhorn would be exclusively 64bit.
microsoft -
comments -
27.11.2005 Song sites face legal crackdown
Thanks
DCrad for this submission. The music industry is to extend its copyright war by taking legal action against websites offering unlicensed song scores and lyrics. The Music Publishers' Association (MPA), which represents US sheet music companies, will launch its first campaign against such sites in 2006.
common -
comments -
13.12.2005 Microsoft's Live Search Adds Face Detection
Microsoft's image search engine added a new operator that lets you restrict the results to faces and portraits. You just need to append filter:face or filter:portrait to your query (for example, [larry page filter:portrait]).
microsoft -
comments -
29.7.2007 When You Least Expect It, Microsoft Spits Vista SP1 in Your Face
First rule about Windows Vista Service Pack 1: you do not talk about Vista SP1. Second rule of... well you get the point. Sinofsky is not a Windows vice president known to play well with others.
windows -
comments -
16.8.2007 15 Years On, Microsoft Research Changing Face of Computing
Thousands of research papers and hundreds of product innovations by Microsoft Research add value both inside and outside the company.
common -
comments -
27.9.2006 Vista Beta Testers Face Looming OS Expiration
If you're one of the millions of Windows Vista beta and release candidate testers, your trial run ends on June 1.
windows -
comments -
12.4.2007 MS: Another Patch for cursor patch
Stop 0x0000007F error when you try to print from computers that are running Windows XP or Windows 2000 and that have GDI security update 925902 installed
download -
comments -
20.4.2007 Two Unofficial IE Patches Block Attacks
eWeek reports that two well-respected Internet security companies (eEye and Determina) have released unofficial patches to correct the vulnerability being exploited to load spyware, bots and Trojan downloaders on Windows machines.
microsoft -
comments -
29.3.2006 Uptick in Windows attacks reported
Several security experts are warning of increased cyberattacks targeting Windows PCs, but Microsoft says all is calm on the attack front.
windows -
comments -
3.9.2006 Researcher to Demonstrate Vista Attacks
A security researcher will show hackers new ways to defeat Vista's BitLocker drive encryption.
windows -
comments -
1.5.2007 Legitimate Screensavers Used in Malware Attacks
Malware writers turn to all kinds of techniques in order to trick people, infect their computers and reach their goal, no matter if we're talking about stealing some
data or just luring them on malicious websites.
common -
comments -
29.5.2008 Microsoft warns of new Word attacks
Microsoft has issued yet another security advisory in the wake of new attacks targeting Word.
microsoft -
comments -
10.7.2008 ActiveX Is Vulnerable to Attacks Even Without Vulnerabilities
Internet Explorer users are vulnerable to attacks targeting ActiveX, even when ActiveX is vulnerability-free, claims security company Symantec.
microsoft -
comments -
11.8.2008 IE users beware: Zero-day attacks
Malicious hackers are launching code execution exploits against new, unpatched vulnerability in the Microsoft Video ActiveX Control, the company warned in an advisory.
microsoft -
comments -
6.7.2009 Microsoft DNS Server Attacks Continue
In an advisory this morning borrowing language used during previous statements about completely different exploits, Microsoft's Security Response Center team confirmed that it has seen at least one new wave of attacks based on proof-of-concept code impacting its DNS server software in Windows Server-based systems.
windows -
comments -
17.4.2007 Internet Explorer 7 Is an Open Door for Attacks
Internet Explorer 7 on Windows XP and Windows Server 2003 is nothing short of an open door for attacks. Microsoft informed that it is currently investigating a remote code execution vulnerability in various versions of XP and Windows Server 2003 running Internet Explorer 7.
microsoft -
comments -
15.10.2007 Microsoft confirms Windows-Word attacks
Microsoft Corp. yesterday warned of a critical vulnerability that affects users of Word running on Windows 2000, XP and Server 2003 SP1 -- several weeks after one security company first reported an exploit and a day after a second vendor confirmed ongoing attacks.
microsoft -
comments -
24.3.2008 How Microsoft fights off 100,000 attacks per month
Microsoft Corp. has long encouraged its employees to "RAS" into the corporate network from home or from the road to access e-mail, shared files and applications.
microsoft -
comments -
18.12.2006 It's Time to Face the Ugly Truth, SP3 or No SP3, the Clock Is Ticking for Windows XP
As 2008 has kicked in, it's now time to face the ugly truth. The clock is ticking for Windows XP. And while Microsoft may view this as a natural stage in the evolution of a product introduced all the way in 2001, a healthy proportion of end-users and businesses will fail to see eye to eye with the company on this one.
windows -
comments -
5.1.2008 Attacks on Mac OS X Exploded by 1,550% in 2007 – Just a 36% Growth for Windows
Windows is without a doubt the most attacked platform in the world. Microsoft's proprietary operating system attracts no less than 96.36% of the world's malicious code, according to malware statistics for 2007, released by Kaspersky.
common -
comments -
28.2.2008 Latest Vulnerability Attacks Steer Clear of Vista SP1, but Not XP SP3
The latest attacks targeting vulnerabilities in Microsoft's software products have steered clear of Windows Vista Service Pack 1.
windows -
comments -
24.3.2008 Microsoft patch can cause IE trouble
Microsoft's security update from Aug. 8 to Internet Explorer is causing browser trouble for some systems.
microsoft -
comments -
16.8.2006 Unlimited ReArm Patch
Automatic patch for Vista RTM. Current 3 people have reported that this has worked for them.
download -
comments -
26.11.2006 BitTorrent Acceleration Patch 4.7.3
BitTorrent Acceleration Patch description - An innovative plug-in for BitTorrent that boosts your download speed
download -
comments -
13.4.2008 Windows 7 Plus Patch V6
Windows 7 All versions PlusPatch V6 By Orbit30 [keznews forum]
download -
comments -
6.1.2009 Battlefield 2 Patch 1.03 Released
After much delay, the 1.03 patch for Battlefield 2 has finally been released. Include is Wake Island 2007 map, new server browser features, a nickname prefix feature, a BFHQ compare function, improved mod support, HUD & map enhancements, a dozen gameplay tweaks, a large number of bug fixes, and more.
common -
comments -
Windows Home Server patch is out
Hewlett Packard now has its hands on the Windows Home Server (WHS) update for which it decided to delay its MediaSmart Home Server.
windows -
comments -
20.9.2007 IE Patch Beats Coal In Your Stocking
If not for a terrible virus infection, I would have blogged about the Internet Explorer Zero Day exploit days ago.
microsoft -
comments -
19.12.2008Man Pleads Guilty to eBay DoS
Attacks
A 21 year-old Oregon man has
pled guilty to charges that he
was behind attacks targeted at
eBay and other online sites in
2003. Anthony Clark infected
20,000 computers with a worm
and then used them to launch
denial of service attacks.
Clark could face up to ten
years in prison...
betanews.com -
29.12.2005Microsoft Urges Organizations to Patch Server Vulnerability as New Attacks Surface
Microsoft is again urging users to apply a patch for a vulnerability in the Windows Server service. The company reported earlier that a new variant of
the Conficker worm has surfaced to target the flaw...
winbeta.org -
03.01.2009Homeland Security: Patch
Windows Now
The Department of Homeland
Security took the unusual step
earlier this week of urging
Windows users to apply a patch
to protect themselves from
possible attacks. A worm
exploiting the vulnerability
is imminent, experts say...
betanews.com -
11.08.2006Microsoft working on quick-fix capability for IT patch tools
Under the dark cloud of recent zero-day attacks, Microsoft is quickly working to update its enterprise patching tools to incorporate short-term, quick
fix technologies to thwart malware that is already actively exploiting vulnerabilities.
Microsoft's goal is to add its Fix-it
technology, introduced in January, into its overall patch management toolbox, which is anchored by Patch Tuesday. The idea is to streamline blockers
for zero-day attacks into current patching best practices.
winbeta.org -
17.07.2009Dasher Worm Attacks Windows
Patch available, but separate
IE exploits target browser
vulnerabilities...
pcworld.com -
16.12.2005Shrinking patch windows hit by automated attacks
The length of time between the development of security patches and the development of exploits targeting the security holes they address has been
dropping for some time. Hackers exploit this period of time - the so-called patch window - to launch attacks against unpatched machines. Typically,
exploits are developed by skilled hackers versed in the arcane intricacies of reverse engineering.
However, hackers have now begun using
off-the-shelf tools to at least partially automate this process, a development that might lead to exploits coming out hours instead of days after the
publication of patches.
neowin.net -
21.04.2008Redmond Mulls Emergency Patch
for IE Attacks
Microsoft Corp. is
working on a plan to release
an out-of-cycle patch to cover
a gaping hole in its dominant
Internet Explorer
browser.
S
ources say the MSRC (Microsoft
Security Response Center) is
aggressively aiming to release
the emergency IE fix ahead of
the December 13 Patch Tuesday
schedule.
Officiall
y, the company isn't
commenting on a timeline for
the IE patch. A Microsoft
spokeswoman said the creation
of security updates is "an
extensive process involving a
series of sequential
steps."
"There
are many factors that impact
the length of time between the
discovery of a vulnerability
and the release of a security
update, and every
vulnerability presents its own
unique challenges."..
winbeta.org -
01.12.2005Microsoft to Patch XML Vulnerability
Microsoft said Thursday that
it will patch on Tuesday a
recently disclosed
vulnerability in Windows' XML
Core Services component, along
with fixing five other
security flaws, the highest
rating of which is
"critical." The XML
flaw is being exploited by
zero-day attacks, security
experts have warned...
betanews.com -
10.11.2006Patch to a patch of a Microsoft patch needs patching
In the latest incident of a now-chronic problem that has been bugging Microsoft all year, a recent security patch now causes IE6 to crash in Windows
XP...again...
betanews.com -
19.12.2007One-Third of Computer Attacks Start in US
Most computer attacks
originate in the United
States, a study has found.
Additionally, hackers are
increasingly becoming more
organized, creating crime
rings that are becoming more
effective in carrying out
attacks...
betanews.com -
19.03.2007Microsoft Postpones Fix for
Patch
Microsoft on Tuesday said it
was postponing a planned fix
to its August cumulative patch
for Internet Explorer due to
an issue that would prevent
users from being able to
deploy the update properly,
while at the same time
acknowledging the first patch
also opened users up to a code
execution attack.
The existence of a
vulnerability in the patch was
first announced by eEye
Digital Security, which
Microsoft has chided for
publicly disclosing the flaws.
However, eEye defended itself,
saying that it had only
mentioned that the patch was
indeed exploitable, noting
that the Redmond company had
released the most details on
the problem itself.
In Microsoft's own advisory
describing the flaw, it said
the issue can be recreated
using long URLs to sites using
HTTP 1.1 and compression. In a
statement on the disclosure,
Microsoft Security Response
Center research Stephen
Toulouse defended the
company's decision to stay
quiet.
jcxp.net -
26.08.2006Microsoft Halves January Patch Tuesday
An eleventh hour change halved
the number of expected
security patches to four.
However, missing from this
month's updates are fixes for
any of several zero-day
attacks affecting the
Microsoft Office suite...
betanews.com -
10.01.2007Microsoft Fixes Another August
Patch
Microsoft released a new
version of its patch intended
to fix a problem in Windows
Server service, saying the
original patch could cause
programs to fail if they
request more than one gigabyte
of contiguous memory...
betanews.com -
19.08.2006Patch Tuesday: And Then There Were Four
Microsoft dropped one patch from its Patch Tuesday lineup, instead only releasing four patches, one of which was critical...
betanews.com -
12.09.2007Six Fixes on Tap for Patch Tuesday
Microsoft is taking the
guesswork out of Patch Tuesday
by detailing the type and
severity of patches in its new
Advance Notification
bulletins. The first of these
is being used for July's
Patch Tuesday...
betanews.com -
06.07.2007Report: IM Attacks Hit Record
Levels
Instant messaging security
firm IMLogic said on Monday
that attacks on IM networks
increased to record levels,
multiplying by fourteen times
through the first three
quarters of this year. MSN
Messenger has been the
recipient of the lion's share
of attacks...
betanews.com -
03.10.2005Microsoft Fixes Patch Snafus
Microsoft on Monday resolved a
few problems surrounding last
week's Excel-laden Patch
Tuesday, most notably fixing a
problem that prevented a patch
from installing properly on
Windows Server 2003 SP1. The
company is encouraging
administrators to re-run
update checks...
betanews.com -
19.07.2006Microsoft Patches Windows Cursor Flaw
As expected, Microsoft has
released a security update to
patch a critical vulnerability
in Windows Animated Cursor
Handling. The company says it
was working on the fix since
December, and has posted it
early due to reports of
attacks...
betanews.com -
04.04.2007Microsoft to Patch Critical
Office Flaw
This month's Patch Tuesday
will be a light one in
comparison with those before
it, with only three updates
due next week. However,
Microsoft's patch for Office
shouldn't be taken lightly;
its rating will be
"Critical," the
company said Thursday...
betanews.com -
08.09.2006Microsoft Releases Fix for VML
Exploit
In what could be the quickest
patch ever to be released by
Microsoft, the company on
Tuesday publicly issued a fix
for the highly-publicized
Vector Markup Language (VML)
vulnerability that surfaced
last week and was being
actively exploited by numerous
attacks...
betanews.com -
27.09.2006
