Microsoft Security Response Center Blog Alerts

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Improper neutralization of special elements used in a command (‘command injection’) in Visual Studio allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.

Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.