Showing 21 results for: 2012 ×MAPP ×

Microsoft Advance Notification for December 2012

Next week is Patch Tuesday, so this week we get the advance notification for the last updates Microsoft will issue this year. Of course that assumes there will be no unforeseen zero-day release between now and then. This month it...

Announcing the availability of ModSecurity extension for IIS

This blog post has also been posted on the Microsoft Security Research and Defense site: By: Greg Wroblewski, Microsoft Security Engineering Center Ryan Barnett, Trustwave SpiderLabs Vulnerabilities in on-line services, like cross-site scripting, cross-site request forgery, or even information disclosure,...

Beyond Apache: ModSecurity for IIS/Nginx is Coming

The Trustwave SpiderLabs Research Team is proud to announce that, through a collaboration with the Microsoft Security Response Center (MSRC) Team and community member Alan Silva (@AlanJumpi), we will be releasing ModSecurity versions for both the Microsoft Internet Information Services...

Internet Explorer Vulnerabilities Gone Wild

It's a busy time for Internet Explorer: Patch Tuesday addressed quite a few issues in IE, and an additional advisory for a 0-day vulnerability which has been exploited in the wild, also in Internet Explorer, soon followed. Naturally, when IE...

Rogue Certificates Set on Flame

It was only a matter of time before we felt Flame's aftershock. Yesterday morning it finally happened. Microsoft published an emergency Security Advisory 2718704 and an associated patch that revokes trust from three intermediate CA certificates: Microsoft Enforced Licensing Intermediate...