Microsoft Security Advisory (2743314): Unencapsulated MS-CHAP v2 Authentication Could Allow Information Disclosure – Version: 1.0

Revision Note: V1.0 (August 20, 2012): Advisory published.
Summary: Microsoft is aware that detailed exploit code has been published for known weaknesses in the Microsoft Challenge Handshake Authentication Protocol version 2 (M…

Latest Yahoo Data Breach Restates Need for Basic Security

News broke today of a large data breach against Yahoo Voices, resulting in more than 400,000 username/password combinations being posted in clear text. The compromise involved a basic SQL-injection attack against an exposed Yahoo server (dbb1.ac.bf1.yahoo.com).  Similar to other recent events, the account data was reportedly stored in an unencrypted state. We see this type of attack Read more…

Yahoo! Hacked: 15 Tips To Better Password Security

In light of the Yahoo Voices hack where 450,000 passwords have been compromised, it’s time again to let the world know what they are doing wrong when it comes to passwords. CNET pointed out that: 2,295: The number of times a sequential list of numbers was used, with “123456″ by far being the most popular password. Read more…

2719615 – Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution – Version: 2.0

Revision Note: V2.0 (July 10, 2012): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS12-043 to address this issue. For more inf…

Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution – Version: 2.0

Severity Rating: Revision Note: V2.0 (July 10, 2012): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS12-043 to address this is…

Microsoft Security Advisory (2719615): Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution – Version: 2.0

Severity Rating: Revision Note: V2.0 (July 10, 2012): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS12-043 to address this is…

Microsoft Security Advisory (2719662): Vulnerabilities in Gadgets Could Allow Remote Code Execution – Version: 1.0

Revision Note: V1.0 (July 10, 2012): Advisory published.
Summary: Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables the Windows Sidebar and Gadgets on supported editions of Windows…

Microsoft Security Advisory (2719662): Vulnerabilities in Gadgets Could Allow Remote Code Execution – Version: 1.0

Revision Note: V1.0 (July 10, 2012): Advisory published.
Summary: Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables the Windows Sidebar and Gadgets on supported editions of Windows…

Microsoft Security Advisory (2719662): Vulnerabilities in Gadgets Could Allow Remote Code Execution – Version: 1.0

Revision Note: V1.0 (July 10, 2012): Advisory published.
Summary: Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables the Windows Sidebar and Gadgets on supported editions of Windows…

Microsoft Security Advisory (2719615): Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution – Version: 2.0

Revision Note: V2.0 (July 10, 2012): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS12-043 to addres…