This is an advance notification of security bulletins that Microsoft is intending to release on March 9, 2010. This bulletin advance notification will be replaced with the March bulletin summary on March 9, 2010. For more information about the...

Microsoft on Sunday confirmed it's investigating an unpatched bug in VBScript that hackers could exploit to plant malware on Windows XP machines running Internet Explorer (IE). The flaw could be used by attackers to inject malicious code onto victims' ...

Systems Affected Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 Microsoft Internet Explorer 6, 7, and 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows 2008, Windows 7, and...

Where are the greatest Web-related security threats today? Analysis of Web Hacking Incidents Database (WHID) reveals that in 2009 social networks were at the greatest risk, malware and defacement remained the most common outcome of Web attacks, and SQL...

A hard-to-detect rootkit may be causing Windows XP systems to crash following Microsoft's latest security updates. Windows users began flooding Windows support forums this week, saying that their computers had been rendered unusable with a...

Security experts are warning of deceptive e-mails that claim that Microsoft Outlook needs an update. "The e-mail claims that you have a new message in Microsoft Outlook, but you need to reconfigure your settings (by clicking on the helpful link) in order...

The Conficker worm that has left a trail of destruction in its wake for the last six months is set for a new evolution April 1 that will enable it to stealthily launch a variety of malware attacks unbeknownst to the security community. Security experts...

Today Microsoft is releasing one new bulletin, MS09-001. This bulletin is rated as ‘Critical' for Windows 2000, Windows XP and Windows Server 2003 and is rated as ‘Moderate' for Windows Vista and Windows Server 2008. My colleague Mark Wodrich has put...

A sneaky computer worm that uses a virtual Swiss army knife of attack techniques has infected millions of Microsoft Windows PCs, and appears to be spreading at a fairly rapid pace, security experts warn. Also, while infected PCs could be used for a...

Microsoft Security Bulletin Major Revisions Issued: January 13, 2009 Summary ======= The following bulletins have undergone a major revision increment. Please see the appropriate bulletin for more details. * MS08-076 - Important * MS08-072 -...

The proof of concept for a Windows Media Player exploit does exist, and it has been shared. But it's not a vulnerability, Microsoft said, because it would need to trigger remote code execution...and this one doesn't. Coder Laurent Jaffié recently...

A vulnerability was reported on Windows Media Player claiming that using a specially crafted WAV, SND, or MIDI file can trigger an integer overflow and execute arbitrary code on the system. One of our reader has tested the POC on a fully patched...

Microsoft late Monday issued a pre-patch advisory confirming a remote code execution vulnerability affecting its SQL Server line. The vulnerability, publicly disclosed with exploit code more than two weeks ago, affects Microsoft SQL Server 2000,...