Category Archives: Microsoft

Microsoft Security Advisory (2905247): Insecure ASP.NET Site Configuration Could Allow Elevation of Privilege – Version: 1.0

Severity Rating: Revision Note: V1.0 (December, 10, 2013): Advisory published.Summary: Microsoft is announcing the availability of an update for Microsoft ASP.NET to address a vulnerability in ASP.NET view state that exists when Machine Authentication …

2896666 – Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution – Version: 2.0

Revision Note: V2.0 (December 10, 2013): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a private report of this vulnerability. We have issued MS13-096 to address the Microsoft Graph…

Microsoft Security Advisory (2896666): Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution – Version: 2.0

Severity Rating: Revision Note: V2.0 (December 10, 2013): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a private report of this vulnerability. We have issued MS13-096 to address th…

Insecure ASP.NET Site Configuration Could Allow Elevation of Privilege – Version: 1.0

Severity Rating: Revision Note: V1.0 (December, 10, 2013): Advisory published.Summary: Microsoft is announcing the availability of an update for Microsoft ASP.NET to address a vulnerability in ASP.NET view state that exists when Machine Authentication …

2905247 – Insecure ASP.NET Site Configuration Could Allow Elevation of Privilege – Version: 1.0

Revision Note: V1.0 (December, 10, 2013): Advisory published.Summary: Microsoft is announcing the availability of an update for Microsoft ASP.NET to address a vulnerability in ASP.NET view state that exists when Machine Authentication Code (MAC) valida…

Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution – Version: 2.0

Severity Rating: Revision Note: V2.0 (December 10, 2013): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a private report of this vulnerability. We have issued MS13-096 to address th…

Microsoft Security Advisory (2916652): Improperly Issued Digital Certificates Could Allow Spoofing – Version: 1.0

Revision Note: V1.0 (December 9, 2013): Advisory published.
Summary: Microsoft is aware of an improperly issued subordinate CA certificate that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The subordinate CA certificate was improperly issued by the Directorate General of the Treasury (DG Trésor), subordinate to the Government of France CA (ANSSI), which is a CA present in the Trusted Root Certification Authorities Store. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

Microsoft Security Advisory (2914486): Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege – Version: 1.0

Revision Note: V1.0 (November 27, 2013): Advisory published.
Summary: Microsoft is investigating new reports of a vulnerability in a kernel component of Windows XP and Windows Server 2003. We are aware of limited, targeted atta…

Microsoft Security Advisory (2862152): Vulnerability in DirectAccess Could Allow Security Feature Bypass – Version: 1.0

Revision Note: V1.0 (November 12, 2013): Advisory published.
Summary: Microsoft is announcing the availability of an update for all supported releases of Windows to address a vulnerability in how DirectAccess authenticates Dire…