Wilders Security Forums  

Go Back   Wilders Security Forums > Other Security Topics > other security issues & news
Reload this Page Microsoft Security Bulletin Summary for March 9, 2010
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old March 9th, 2010, 01:20 PM
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is online now
Administrator
  
Join Date: May 2003
Location: UK
Posts: 9,172
Default Microsoft Security Bulletin Summary for March 9, 2010
Microsoft Security Bulletin Summary for March 9, 2010

Microsoft Security Bulletin Summary for March 9, 2010
Published: March 9 2010

Note: There may be latency issues due to replication, if the page does not display keep refreshing


Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:

http://www.microsoft.com/technet/sec.../ms10-mar.mspx

Critical (0)


Important (2)

Microsoft Security Bulletin MS10-017 - Important
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)
Published: March 09, 2010
http://www.microsoft.com/technet/sec.../MS10-017.mspx


Microsoft Security Bulletin MS10-016 - Important
Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)
Published: March 09, 2010
http://www.microsoft.com/technet/sec.../MS10-016.mspx

Moderate (0)





Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.
__________________
Wilders
~Security Specialists~
Microsoft MVP - Consumer Security
  #2  
Old March 9th, 2010, 01:21 PM
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is online now
Administrator
  
Join Date: May 2003
Location: UK
Posts: 9,172
Default Re: Microsoft Security Bulletin Summary for March 9, 2010
TechNet Webcast: Information About Microsoft March Security Bulletins (Level 200)
Event ID: 1032427711

Language(s): English.
Product(s): Security.
Audience(s): IT Generalist.


Duration: 90 Minutes
Start Date: Wednesday, March 10, 2010 11:00 AM Pacific Time (US & Canada)



Event Overview

Join us for a brief overview of the technical details of the March security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Senior Security Program Manager Lead, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation





Register now for the March security bulletin webcast.
__________________
Wilders
~Security Specialists~
Microsoft MVP - Consumer Security
  #3  
Old March 9th, 2010, 01:22 PM
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is online now
Administrator
  
Join Date: May 2003
Location: UK
Posts: 9,172
Default Re: Microsoft Security Bulletin Summary for March 9, 2010
Microsoft® Windows® Malicious Software Removal Tool (KB890830)
Brief Description
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

New Additions

We have added detection and cleaning capabilities for the following malicious software:

* Pushbot

Win32/Pushbot

Encyclopedia entry
Updated: Mar 04, 2010 | Published: Jan 27, 2010

Aliases

*
* W32/Sdbot.worm.gen.ca (McAfee) SDBot.gen8 (Norman)
* W32.Palevo (Symantec)
* P2P-Worm.Win32.Palevo (Kaspersky)


Alert Level (?)
Severe

http://www.microsoft.com/downloads/d...displaylang=en
__________________
Wilders
~Security Specialists~
Microsoft MVP - Consumer Security
  #4  
Old March 9th, 2010, 01:24 PM
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is online now
Administrator
  
Join Date: May 2003
Location: UK
Posts: 9,172
Default Re: Microsoft Security Bulletin Summary for March 9, 2010
Microsoft Security Advisory (981374)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published: March 09, 2010
http://www.microsoft.com/technet/sec...ry/981374.mspx

Revisions•
V1.0 (March 9, 2010): Advisory published.

Microsoft Security Advisory (973811)
Extended Protection for Authentication
Published: August 11, 2009 | Updated: March 09, 2010
http://www.microsoft.com/technet/sec...ry/973811.mspx

Revisions: •
V1.0 (August 11, 2009): Advisory published.

V1.1 (October 14, 2009): Updated the FAQ with information about a non-security update included in MS09-054 relating to WinINET.

V1.2 (December 8, 2009): Updated the FAQ with information about three non-security updates relating to Windows HTTP Services, HTTP Protocol Stack, and Internet Information Services.

V1.3 (March 9, 2010): Updated the FAQ to announce the rerelease of the update that enables Internet Information Services to opt in to Extended Protection for Authentication. For more information, see Known issues in Microsoft Knowledge Base Article 973917.
__________________
Wilders
~Security Specialists~
Microsoft MVP - Consumer Security
  #5  
Old March 10th, 2010, 04:34 AM
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is online now
Administrator
  
Join Date: May 2003
Location: UK
Posts: 9,172
Default Re: Microsoft Security Bulletin Summary for March 9, 2010
Microsoft Security Bulletin Major Revisions

********************************************************************
Title: Microsoft Security Bulletin Major Revisions
Issued: March 9, 2010
********************************************************************

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS09-033 - Important

Bulletin Information:
=====================

* MS09-033 - Important

http://www.microsoft.com/technet/sec.../ms09-033.mspx

- Reason for Revision: V2.0 (March 9, 2010): Rereleased this
bulletin to add Microsoft Virtual Server 2005 to affected
software. No other update packages are affected by this rerelease.
- Originally posted: July 14, 2009
- Updated: March 9, 2010
- Bulletin Severity Rating: Important
- Version: 2.0
__________________
Wilders
~Security Specialists~
Microsoft MVP - Consumer Security
  #6  
Old March 10th, 2010, 01:44 PM
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is online now
Administrator
  
Join Date: May 2003
Location: UK
Posts: 9,172
Default Re: Microsoft Security Bulletin Summary for March 9, 2010
March 2010 Security Release ISO Image
Brief Description
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on March 9th, 2010.

http://www.microsoft.com/downloads/d...0-08b4092c9b8c
__________________
Wilders
~Security Specialists~
Microsoft MVP - Consumer Security
  #7  
Old March 30th, 2010, 01:05 PM
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is online now
Administrator
  
Join Date: May 2003
Location: UK
Posts: 9,172
Default Re: Microsoft Security Bulletin Summary for March 9, 2010
MICROSOFT Out-Of-Band Security Bulletin(s) for March 30, 2010

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Out-of-Band Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Full Bulletin Summary:

http://www.microsoft.com/technet/sec.../ms10-mar.mspx

Critical (1)

Microsoft Security Bulletin MS10-018
Cumulative Security Update for Internet Explorer (980182)

http://www.microsoft.com/technet/sec.../ms10-018.mspx
__________________
Wilders
~Security Specialists~
Microsoft MVP - Consumer Security
  #8  
Old March 30th, 2010, 03:06 PM
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is online now
Administrator
  
Join Date: May 2003
Location: UK
Posts: 9,172
Default Re: Microsoft Security Bulletin Summary for March 9, 2010
Security Bulletin MS10-018 Released
Quote:

Hi everyone,

Today we released MS10-018 out-of-band due to increases in attacks against Internet Explorer 6 and Internet Explorer 7 using the vulnerability discussed in Security Advisory 981374. I want to reiterate that Internet Explorer 8 is not affected by this issue so customers using this version are not affected by these attacks and we continue to encourage customers to upgrade to the newer version because it provides more security and protection.

MS10-018 is a typical cumulative update for Internet Explorer and was originally going to be released during the normal update cycle on the 13th of April. The Internet Explorer team accelerated testing of this update due to the growing attacks against the publicly disclosed vulnerability (CVE-2010-0806), and the update has reached the appropriate quality bar for distribution to customers. Releasing the update early provides Internet Explorer 6 and 7 customers protection against the active attacks and provides users of all versions of Internet Explorer protection against nine other vulnerabilities. I clarify this in the following video:

http://blogs.technet.com/msrc/archiv...-released.aspx
__________________
Wilders
~Security Specialists~
Microsoft MVP - Consumer Security
 

Wilders Security Forums > Other Security Topics > other security issues & news « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 01:34 PM.

Contact Us - SSL - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums