MS Patch Tuesday May 2015   This May 2015 Patch Tuesday Microsoft released 13 security bulletins addressing a total of 46 vulnerabilities. This month high priority fix is for Internet Explorer which alone addresses 22 out of 46 vulnerabilities. This month 3 bulletins are rated as Critical, addressing 30 vulnerabilities and 10 are rated as […]

Read More →

A big Patch Tuesday this month consisting of total fourteen security bulletins address total of 45 vulnerabilities. This month also high priority fix is for Internet Explorer along with Microsoft Windows, Adobe Font Driver, VBScript Scripting Engine, and Microsoft Office. Internet Explorer addresses and Adobe Font Driver address total 20 out of 45 vulnerabilities. This […]

Read More →

  In this Patch Tuesday, Microsoft released Nine security bulletins addressing a total of 56 vulnerabilities. As usual this month high priority fix is for Internet Explorer, along with Windows Kernel-Mode Driver, Windows Group Policy and Microsoft Office. Internet Explorer alone addresses 41 out of 56 vulnerabilities. This month three bulletins are rated as Critical, […]

Read More →

This month Microsoft has released 14 security bulletins addressing a total of 33 vulnerabilities. The high priority fix is for Windows OLE, Internet Explorer, Windows Schannel and XML Core Services. Internet Explorer alone addresses 17 out of 33 vulnerabilities and it includes fix for 0-day vulnerability CVE-2014-6352 in the Windows OLE. This month Four bulletins […]

Read More →

SecPod Research Team member (Prabhu S Angadi) has found Information Disclosure Vulnerability in Netmechanica NetDecision Traffic Grapher Server. The vulnerability is caused due to improper validation of malicious HTTP GET request to Traffic Grapher Server ‘default.nd’ with invalid HTTP version number followed by multiple ‘CRLF’, which discloses the source code of ‘default.nd’ POC : Download […]

Read More →

SecPod Research Team member (Prabhu S Angadi) has found Information Disclosure Vulnerability in Netmechanica NetDecision Dashboard Server. The vulnerability is caused due to improper validation of malicious HTTP request to Dashboard server appended with ‘?’ character, which discloses the Dashboard server’s web script physical path. POC : Download here. More information can be found here. […]

Read More →