3137909 – Vulnerabilities in ASP.NET Templates Could Allow Tampering – Version: 1.1
February 10, 2016 by in

Revision Note: V1.1 (February 10, 2016): Advisory updated to include download information for Microsoft ASP.NET Web Frameworks, and Tools and Microsoft ASP.NET and Web Tools. This is an informational change only.Summary: Microsoft is releasing this sec...

More
Share
2871997 – Update to Improve Credentials Protection and Management – Version: 5.0
February 9, 2016 by in

Revision Note: V5.0 (February 9, 2016): Rereleased advisory to announce the release of update 3126593 to enable the Restricted Admin mode for Credential Security Support Provider (CredSSP) by default. See Updates Related to this Advisory for details.Su...

More
Share
3118753 – Updates for ActiveX Kill Bits 3118753 – Version: 1.0
January 12, 2016 by in

Revision Note: V1.0 (January 12, 2016): Advisory published.Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory. These ActiveX kill bits are included in the Internet Explorer cumulative update released on January 12, 2016.

More
Share
3109853 – Update to Improve TLS Session Resumption Interoperability – Version: 1.0
January 12, 2016 by in

Revision Note: V1.0 (January 12, 2016): Advisory published.Summary: Microsoft is announcing the availability of an update to improve interoperability between Schannel-based TLS clients and 3rd-party TLS servers that enable RFC5077-based resumption and ...

More
Share
2755801 – Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge – Version: 53.0
January 5, 2016 by in

Revision Note: V53.0 (January 5, 2016): Added the 3133431 update to the Current Update section.Summary: Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Se...

More
Share
3057154 – Update to Harden Use of DES Encryption – Version: 1.1
December 8, 2015 by in

Revision Note: V1.1 (December 8, 2015): Advisory updated to include more information about disabling DES by default in Windows 7 and Windows Server 2008 R2 and later operating systems. The update allows DES to be used between client and server to addre...

More
Share
3123040 – Inadvertently Disclosed Digital Certificate Could Allow Spoofing – Version: 1.0
December 8, 2015 by in

Revision Note: V1.0 (December 8, 2015): Advisory published.Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform ma...

More
Share
3119884 – Inadvertently Disclosed Digital Certificates Could Allow Spoofing – Version: 1.0
November 30, 2015 by in

Revision Note: V1.0 (November 30, 2015): Advisory published.Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used ...

More
Share
3108638 – Update for Windows Hyper-V to Address CPU Weakness – Version: 1.0
November 10, 2015 by in

Revision Note: V1.0 (November 10, 2015): Advisory published.Summary: Microsoft is announcing the availability of a security update for Windows Hyper-V to protect against a denial of service condition that can be triggered with certain central processin...

More
Share
2960358 – Update for Disabling RC4 in .NET TLS – Version: 2.0
October 13, 2015 by in

Revision Note: V2.0 (October 13, 2015): Advisory revised to broaden the affected software list to include Windows 10 systems that are running .NET Framework 3.5 applications and systems with .NET Framework 4.6 installed that are running .NET Framework ...

More
Share