Microsoft Security Response Center Blog Alerts

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Untrusted pointer dereference in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper neutralization of special elements used in an sql command (‘sql injection’) in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.