Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93105 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

MS Security Bulletin Summary - December 2010


  • Please log in to reply
1 reply to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 14 December 2010 - 01:04 PM

FYI...

- http://www.microsoft...n/MS10-dec.mspx
December 14, 2010 - "This bulletin summary lists security bulletins released for December 2010...

Critical -2-

Microsoft Security Bulletin MS10-090 - Critical
Cumulative Security Update for Internet Explorer (2416400)
- http://www.microsoft...n/MS10-090.mspx
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS10-091 - Critical
Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution (2296199)
- http://www.microsoft...n/MS10-091.mspx
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Important -14-

Microsoft Security Bulletin MS10-092 - Important
Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420)
- http://www.microsoft...n/ms10-092.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS10-093 - Important
Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (2424434)
- http://www.microsoft...n/MS10-093.mspx
Important - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS10-094 - Important
Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961)
- http://www.microsoft...n/MS10-094.mspx
Important - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS10-095 - Important
Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2385678)
- http://www.microsoft...n/MS10-095.mspx
Important - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS10-096 - Important
Vulnerability in Windows Address Book Could Allow Remote Code Execution (2423089)
- http://www.microsoft...n/MS10-096.mspx
Important - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS10-097 - Important
Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)
- http://www.microsoft...n/MS10-097.mspx
Important - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS10-098 - Important
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)
- http://www.microsoft...n/ms10-098.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS10-099 - Important
Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591)
- http://www.microsoft...n/ms10-099.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS10-100 - Important
Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962)
- http://www.microsoft...n/MS10-100.mspx
Important - Elevation of Privilege - May require restart - Microsoft Windows

Microsoft Security Bulletin MS10-101 - Important
Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)
- http://www.microsoft...n/ms10-101.mspx
Important - Denial of Service - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS10-102 - Important
Vulnerability in Hyper-V Could Allow Denial of Service (2345316)
- http://www.microsoft...n/ms10-102.mspx
Important - Denial of Service - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS10-103 - Important
Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292970)
- http://www.microsoft...n/ms10-103.mspx
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS10-104 - Important
Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005)
- http://www.microsoft...n/MS10-104.mspx
Important - Remote Code Execution - May require restart - Microsoft SharePoint

Microsoft Security Bulletin MS10-105 - Important
Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)
- http://www.microsoft...n/ms10-105.mspx
Important - Remote Code Execution - May require restart - Microsoft Office

Moderate -1-

Microsoft Security Bulletin MS10-106 - Moderate
Vulnerability in Microsoft Exchange Server Could Allow Denial of Service (2407132)
- http://www.microsoft...n/MS10-106.mspx
Moderate - Denial of Service - May require restart - Microsoft Exchange
___

Deployment Priority
- http://blogs.technet...-deployment.png

Severity and Exploitabilty Index
- http://blogs.technet...severity-xi.png
___

ISC Analysis
- http://isc.sans.edu/...l?storyid=10081
Last Updated: 2010-12-14 18:52:39 UTC
___

- http://www.us-cert.g.../TA10-348A.html
December 14, 2010
Impact: A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.
Solution: Apply updates ..."
___

MSRT
- http://support.micro...om/?kbid=890830
December 14, 2010 - Revision: 82.0
(Recent additions)
- http://www.microsoft...e/families.aspx
... added this release...
• Qakbot

Download:
- http://www.microsoft...;displaylang=en
File Name: windows-kb890830-v3.14.exe

To download the x64 version of MSRT, click here:
- http://www.microsoft...;displaylang=en
File Name: windows-kb890830-x64-v3.14.exe

.

Edited by AplusWebMaster, 15 December 2010 - 08:05 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 20 December 2010 - 10:47 AM

FYI...

Patch issues with Outlook 2007
- http://isc.sans.edu/...l?storyid=10117
Last Updated: 2010-12-20 14:47:33 UTC - "Last week on December 14, Microsoft released an update (KB 2412171) for Microsoft Outlook 2007, and several of our readers wrote in indicating it caused problems with Outlook after applying the update. On December 16, Microsoft removed the update from Microsoft Update. Microsoft identified 3 issues with this update. If you are experiencing similar issues with the patch like those listed in this Microsoft Blog and you are using Windows XP, Vista and 7, Microsoft listed the steps to remove the patch here*."
* http://blogs.msdn.co...tlook-2007.aspx
___

> http://support.micro....com/kb/2485531
Last Review: December 21, 2010 - Revision: 4.0
___

- http://support.micro....com/kb/2412171
Last Review: December 18, 2010 - Revision: 3.1
___

[Symptoms related to Outlook 2007 bug injected by bad M$ Update KB 2412171]
- http://www.us-cert.g...entry_regarding
December 20, 2010
• Outlook fails to connect if Secure Password Authentication (SPA) is configured for an account and the mail server does not support SPA.
Noticeable performance issues when switching between folders if a Microsoft Exchange Server account is not configured in Outlook.
• AutoArchive cannot be configured for IMAP, POP3, or Outlook Live Connector accounts if there is no Exchange Server account configured in the same Outlook provide...
> http://blogs.msdn.co...tlook-2007.aspx

:ph34r: :(

Edited by AplusWebMaster, 22 December 2010 - 11:23 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users