Tuesday, October 12, 2010

Security Bulletin Release for October, 2010


Microsoft released sixteen (16) bulletins addressing 49 vulnerabilities affecting Windows, Internet Explorer, Microsoft Office, and the .NET Framework.  Six bulletins expected are rated Critical, ten are Important and two are Moderate. Three of the bulletins account for 34 of the total vulnerabilities

MS10-073 contains an Important update for Windows XP that addresses a local Elevation of Privilege as part of the two additional Stuxnet related elevate privilege vulnerabilities that were announced in September.  It was reported that the second and final issue will be addressed in an upcoming bulletin. 

Critical:
  • MS10-071 -- Cumulative Security Update for Internet Explorer (2360131)
    Remote Code Execution, Requires restart, Affects Microsoft Windows, Internet Explorer
  • MS10-075 -- Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)
    Remote Code Execution, May require restart, Affects Microsoft Windows
  • MS10-076 -- Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)
    Remote Code Execution, May require restart, Affects Microsoft Windows
  • MS10-077 -- Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)
    Remote Code Execution, May require restart, Affects Microsoft Windows, Microsoft .NET Framework
Important:
  • MS10-072 -- Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)
    Information Disclosure, May require restart, Affects Microsoft Server Software
  • MS10-073 -- Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
    Elevatoin of Privilege, Requires restart, Affects Microsoft Windows
  • MS10-078 -- Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)
    Elevation of Privilege, Requires restart, Affects Microsoft Windows
  • MS10-079 -- Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
    Remote Code Execution, May require restart, Affects Microsoft Office
  • MS10-080 -- Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
    Remote Code Execution, May require restart, Affects Microsoft Office
  • MS10-081 -- Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)
    Remote Code Execution, Requires restart, Affects Microsoft Windows
  • MS10-082 -- Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)
    Remote Code Execution, May require restart, Affects Microsoft Windows
  • MS10-083 -- Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)
    Remote Code Execution, Requires restart, Microsoft Windows
  • MS10-084 -- Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)
    Elevation of Privilege, Requires restart, Affects Microsoft Windows
  • MS10-085 -- Vulnerability in SChannel Could Allow Denial of Service (2207566)
    Denial of Service, Requires restart, Affects Microsoft Windows
Moderate:
  • MS10-074 -- Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)
    Remote Code Execution, May require restart, Affects Microsoft Windows
  • MS10-086 -- Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)
    Tampering, Requires restart, Affects Microsoft Windows

For complete details, see the references listed below.


References:

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: