Tuesday, August 10, 2010

August 2010 Security Bulletin Release


Microsoft released fourteen security bulletins today. Eight have a maximum severity rating of Critical with the other six having a maximum severity rating of Important.

Note, however, as illustrated in the excellent table provided by the Security Research & Defense Blog, that the bulletins do not effect all operating systems/products.

The Malicious Software Removal Tool (MSRT) has been updated to include the following list of new malware:
Although none of the vulnerabilities addressed below have been observed under exploit in the wild. they are identified in the MSRC Blog as high-priority deployments:
  • MS10-052 This bulletin resolves a privately reported vulnerability in Microsoft's MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
  • MS10-055 This bulletin resolves a privately reported vulnerability in Cinepak Codec, which is used by Windows Media Player to support the .avi audiovisual format. The vulnerability could allow remote code execution if a user opens a specially crafted media file, or receives specially crafted streaming content from a Web site. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
  • MS10-056 This bulletin resolves four privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens or previews a specially crafted RTF e-mail message. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Windows Vista and Windows 7 are less exploitable due to additional heap mitigation mechanisms in those operating systems.
  • MS10-060 This bulletin resolves two privately reported vulnerabilities, both of which could allow remote code execution, in Microsoft .NET Framework and Microsoft Silverlight.
Microsoft is also releasing Microsoft Security Advisory (2264072) and closing Security Advisory 977377.

For complete details, see the references listed below.


References:

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: