Wednesday, October 26, 2016
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Alphabet Cutting Jobs in Google Fiber, Pauses Expansion Plans
Nintendo Cuts Profit Forecast
Sony To Establish New Imaging Products And Solutions Company
Samsung Pay Expand In New Russia, Thailand and Malaysia
Samsung Introduces New ARTIK Smart IoT Platform Modules
iPhone Sales Declined, But Services Revenue Grew In Last Fiscal Quarter
Google's Jamboard Reinverts The Whiteboard For Collaboration in the Cloud
ARM Accelerates Secure IoT from Chip to Cloud
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > Microso...
Last 7 Days News : SU MO TU WE TH FR SA All News

Wednesday, February 10, 2010
Microsoft Released February 2010 Security Bulletin

Microsoft's today released 13 bulletins addressing 26 vulnerabilities. 11 bulletins affect Windows and 2 affect older versions of Microsoft Office.

The new patches address issues such as one for Windows that could be exploited to take control of a computer and another one that has resided in the 32-bit Windows kernel since its release 17 years ago.

Latest Security Updates

MS10-003 - addresses a vulnerability in Microsoft Office (KB 978214)
MS10-004 - addresses a vulnerability in Microsoft Office (KB 975416)
MS10-005 - addresses a vulnerability in Windows (KB 978706)
MS10-006 - addresses a vulnerability in Windows (KB 978251)
MS10-007 - addresses a vulnerability in Windows (KB 975713)
MS10-008 - addresses a vulnerability in Windows (KB 978262)
MS10-009 - addresses a vulnerability in Windows (KB 974145)
MS10-010 - addresses a vulnerability in Windows (KB 977894)
MS10-011 - addresses a vulnerability in Windows (KB 978037)
MS10-012 - addresses a vulnerability in Windows (KB 971468)
MS10-013 - addresses a vulnerability in Windows (KB 977935)
MS10-014 - addresses a vulnerability in Windows (KB 977290)
MS10-015 - addresses a vulnerability in Windows (KB 977165)

MS10-013, which addresses a Critical vulnerability in DirectShow. This issue is Critical on all supported versions of Windows except Itanium based server products and has an Exploitability Index rating of 1. To exploit the vulnerability, an attacker could host a malicious AVI file on a website and convince a user to visit the site, or send the file via email and convince the a user to open it.

MS10-006 is also Critical on all versions of Windows, except Windows Vista and Windows Server 2008, and addresses 2 vulnerabilities in SMB Client. One of the vulnerabilities has an Exploitability Index rating of 1. In the simplest scenario, a system connecting to a network file share is an SMB Client. The issue occurs during the client/server negotiation phase of the connection. In order to exploit this issue, an attacker would need to host a malicious server and convince a client system to connect to it. An attacker could also try to perform a man-in-the-middle attack by responding to SMB requests from clients. Microsoft expects attempts to exploit would be more likely to result in a Denial of Service than in Remote Code Execution.

MS10-007 addresses a Critical vulnerability in Windows Shell Handler that affects Windows 2000, Windows XP, and Windows Server 2003. The attack vector is through a specially crafted link that appears to the ShellExecute API to be a valid link. This issue has not been publicly exposed but Microsoft gives it an Exploitability Index rating of 1, urging customers on affected platforms to install it as soon as possible.

MS10-008 is a cumulative update for ActiveX Killbits and is also Critical. A Killbit is not an update that addresses the underlying vulnerability. It is a registry setting that keeps the vulnerable ActiveX control from running in Internet Explorer.

Microsoft also patched a 17 year-old issue related to a vulnerability in Windows kernel that could allow elevation of privilege. Microsoft is aware of publicly available proof-of-concept code for that issue, but is not aware of any active attacks at this time.

Users may already have the updates if they have automatic updating turned on. All those who have automatic updating turned on could go to Microsoft Update. Microsoft Update is an online tool that will scan a computer and provide a report about what updates a computer needs.

Download updates from the Microsoft Download Center Security updates can be downloaded from the Microsoft Download Center.

Fraunhofer MPEG Audio Codecs and Mobile Surround Sound Available for Android        All News        Apple Releases Aperture 3
RealNetworks and Viacom to Spin off Rhapsody     General Computing News      Micron to Acquire Numonyx For $1.27 Billion

Get RSS feed Easy Print E-Mail this Message

Related News
Microsoft Cloud Strength Highlights First Quarter Results
Microsoft's Cloud Investments In Europe Hits $3 billion
Microsoft Creation New Artificial Intelligence and Research Group
Adobe and Microsoft Partner in the Azure Cloud
Microsoft Unveiled The Nokia 216 Phone
Microsoft Cloud Strength Highlights Fourth Quarter Results
Microsoft Unveils The Stream Business Video Platform
Microsoft Offers New Subscription Options For Windows 10 and Surface for Businesses
Project Malmo, Which Lets Researchers Use Minecraft for AI research, Makes Public Debut
Microsoft Hints at New Surface Coming Soon
Microsoft Says Scorpio System will Not Offer Higher Frame Rates With Xbox One Games
LinkedIn Becomes Part Of Microsoft

Most Popular News
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2016 - All rights reserved -
Privacy policy - Contact Us .