Tag Archives | microsoft




Microsoft Implements Company Policy For Vulnerability Disclosure

Microsoft has implemented a new company policy regarding vulnerability disclosure in non-Microsoft products (third-party products). Unsurprisingly they are following the ‘responsible disclosure’ line rather than the ‘full disclosure’ line favoured by the infosec community. It’s fair enough though, as they say treat others as you wish to be treated. I’m pretty sure Microsoft would much […]

Topic: Legal Issues, Windows Hacking

Microsoft Unleashes Record Breaking Patch Tuesday – April 2011

We all love Patch Tuesday – no doubt about that right? Well Microsoft has blessed us this month with the biggest Patch Tuesday in the history of the program. That’s a good thing because it’s had some horribly effective vulnerabilities revealed lately. It managed to package up a massive bundle of patches for 64 vulnerabilities […]

Topic: Countermeasures, Exploits/Vulnerabilities, Security Software, Windows Hacking

Microsoft Attack Surface Analyzer – Test Software Vulnerabilities

Attack Surface Analyzer is developed by the Security Engineering group, building on the work of our Security Science team. It is the same tool used by Microsoft’s internal product groups to catalogue changes made to operating system attack surface by the installation of new software. Attack Surface Analyzer takes a snapshot of your system state […]

Topic: Countermeasures, Exploits/Vulnerabilities, Security Software, Windows Hacking

Microsoft Warns Of ASP.Net Vulnerability In The Wild – Cryptographic Padding Attack

There seems to be a fairly serious attack being exploited in the wild that targets vulnerable ASP.Net web applications, so far there is a temporary fix but no official announcement on when a patch will be issued. The next scheduled patches should be pushed out on October 12th. If you had set up your server […]

Topic: Exploits/Vulnerabilities, Web Hacking, Windows Hacking

Microsoft Fixes SSL Spoofing Renegotiation Bug

Well this flaw was first publicized in November last year, it was successfully used against Twitter in the same month. IETF completed the SSL vulnerability fix in January this year and now in August – 10 months after the original release of the flaw – Microsoft has stepped up and fixed it. The fix is […]

Topic: Exploits/Vulnerabilities, Networking Hacking, Windows Hacking

Windows Help Vulnerability Exploited In The Wild

So the other big news this week apart from the AT&T iPad/iPhone 4 screw-up is that a recently announced critical vulnerability in Windows XP is being exploited in the wild. It was disclosed fairly recently and is a vulnerability in the Windows XP help system disclosed by Tavis Ormandy, a Google researcher who has appeared […]

Topic: Exploits/Vulnerabilities, Windows Hacking

Popular Tags

computer-security · darknet · ddos · dos · exploits · fuzzing · google · hacking-networks · hacking-websites · hacking-windows · hacking tool · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · pen-testing · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · windows · windows-security · Windows Hacking · worms · XSS ·