Microsoft Security Bulletin Summary for April 13, 2010

NICK ADSL UK · Apr 13, 2010

Microsoft Security Bulletin Summary for April 13, 2010

Microsoft Security Bulletin Summary for April 13, 2010
Published: April 13 2010

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:

http://www.microsoft.com/technet/security/bulletin/ms10-apr.mspx

Critical (5)

Microsoft Security Bulletin MS10-019 - Critical
Vulnerabilities in Windows Could Allow Remote Code Execution (981210)
Published: April 13, 2010
http://www.microsoft.com/technet/security/Bulletin/MS10-019.mspx

Microsoft Security Bulletin MS10-020 - Critical
Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232)
Published: April 13, 2010
http://www.microsoft.com/technet/security/Bulletin/MS10-020.mspx

Microsoft Security Bulletin MS10-025 - Critical
Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (98085
Published: April 13, 2010
http://www.microsoft.com/technet/security/Bulletin/MS10-025.mspx

Microsoft Security Bulletin MS10-026 - Critical
Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816)
Published: April 13, 2010
http://www.microsoft.com/technet/security/Bulletin/MS10-026.mspx

Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402)
http://www.microsoft.com/technet/security/bulletin/ms10-027.mspx

Important (5)

Microsoft Security Bulletin MS10-021 - Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683)
Published: April 13, 2010
http://www.microsoft.com/technet/security/Bulletin/MS10-021.mspx

Microsoft Security Bulletin MS10-022 - Important
Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)
Published: April 13, 2010
http://www.microsoft.com/technet/security/bulletin/MS10-022.mspx

Microsoft Security Bulletin MS10-023 - Important
Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160)
Published: April 13, 2010
http://www.microsoft.com/technet/security/bulletin/ms10-023.mspx

Microsoft Security Bulletin MS10-024 - Important
Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832)
Published: April 13, 2010
http://www.microsoft.com/technet/security/Bulletin/MS10-024.mspx

Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094)
http://www.microsoft.com/technet/security/bulletin/ms10-028.mspx

Moderate (1)

Vulnerabilities in Windows ISATAP Component Could Allow Spoofing (97833
http://www.microsoft.com/technet/security/bulletin/ms10-029.mspx

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

NICK ADSL UK · Apr 13, 2010

TechNet Webcast: Information About Microsoft April Security Bulletins (Level 200)
Event ID: 1032427721

Language(s): English.
Product(s): Security.
Audience(s): IT Generalist.

Duration: 90 Minutes
Start Date: Wednesday, April 14, 2010 11:00 AM Pacific Time (US & Canada)

Event Overview

Join us for a brief overview of the technical details of the April security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Senior Security Program Manager Lead, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation

Register now for the April security bulletin webcast.

NICK ADSL UK · Apr 13, 2010

Microsoft® Windows® Malicious Software Removal Tool (KB890830)
Brief Description
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

New Additions
We have added detection and cleaning capabilities for the following malicious software:

Magania
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32/Magania

http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

NICK ADSL UK · Apr 13, 2010

April 2010 Security Bulletin Release

Hi everyone,

Today, as part of our monthly security update cycle, we are releasing 11 security bulletins to address 25 vulnerabilities: five rated Critical, five rated Important and one rated Moderate. This month’s release affects Windows, Microsoft Office, and Microsoft Exchange. Additionally, the Malicious Software Removal Tool (MSRT) was updated to include Win32/Magania.

Our guidance on deployment priority is that customers should consider MS10-019, MS10-026, and MS10-027 as the top priority bulletins for April. We do however recommend that customers deploy all security updates as soon as possible.

•MS10-019 affects all versions of Windows. While we give this a 2 on the exploitability index, the issue would allow an attacker to alter signed executable content (PE and CAB files) without invalidating the signature. Note that WU/MU content is not affected by this issue due to additional checks made when validating signed content.
•MS10-026 does not affect Windows 7, Windows Server 2008 R2, or Itanium versions of Windows Server 2008 and Windows Server 2003. However, it is critical on Windows 2000, XP, Server 2003 and Server 2008. The vulnerability could be triggered simply by visiting a web page hosting a specially crafted AVI file that began streaming when the page loads.
•MS10-027 affects only Windows 2000 and Windows XP users who could potentially be exploited simply by visiting a specially crafted web page.
More listening and viewing options:

•Windows Media Video (WMV)
•Windows Media Audio (WMA)
•iPod Video (MP4)
•MP3 Audio
•High Quality WMV (2.5 Mbps)
•Zune Video (WMV)
Click to expand...

http://blogs.technet.com/msrc/archive/2010/04/13/april-2010-security-bulletin-release.aspx

NICK ADSL UK · Apr 21, 2010

Microsoft Security Bulletin MS10-025 - Critical
Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (98085
Published: April 13, 2010 | Updated: April 21, 2010

Revisions
• V1.0 (April 13, 2010): Bulletin published.

• V1.1 (April 14, 2010): Corrected the restart requirement for Microsoft Windows 2000 Server.

• V2.0 (April 21, 2010): Revised bulletin to inform customers that the original security update did not protect systems from the vulnerability described in this bulletin. Microsoft recommends that customers apply one of the workarounds described in this bulletin to help mitigate the impact to affected systems until a revised security update is made available.

http://www.microsoft.com/technet/security/bulletin/ms10-025.mspx

NICK ADSL UK · Apr 23, 2010

http://blogs.technet.com/msrc/archive/2010/04/23/update-on-ms10-025.aspx

I wanted to give customers an update on the status of MS10-025. First, I want to reiterate that this issue affects only Windows 2000 Servers in a non-default configuration: Windows Media Services needs to be installed. Customers who do not have Windows Media Services installed are not affected and were not offered this update.
Shortly after we released the update we received several reports that it did not protect against the vulnerability reported to us. At that time, we pulled the update and notified customers. The main reason for pulling the update was to save a reboot for customers who had not yet installed it. The original issue was missed due to focusing on a variant of the original report early in the investigation. We are addressing this issue and plan to re-release the update next week.
Once we are sure of the exact day the update will be ready for re-release, we will post that information to our Twitter account: @MSFTSecResponse. This will go out as a major revision to the bulletin so there will be no advance notification mailer going out but those who have subscribed to our comprehensive notification service will receive an email when it is released. Subscribe here.
In the meantime, we continue to encourage customers who have Windows Media Services installed on Windows 2000 Server to review the mitigations and workarounds in the bulletin and to apply firewall best practices to reduce exposure.
Thanks,
Jerry Bryant
Group Manager, Response Communications
Click to expand...

NICK ADSL UK · Apr 28, 2010

MS10-025 - Critical

Reason for Revision: V3.0 (April 27, 2010): Revised bulletin to

offer the rereleased security update for Windows Media
Services running on Microsoft Windows 2000 Server Service
Pack 4. Microsoft recommends that customers running the
affected software apply the rereleased security update immediately.
- Originally posted: April 13, 2010
- Updated: April 27, 2010
- Bulletin Severity Rating: Critical
- Version: 3.0

http://www.microsoft.com/technet/security/bulletin/ms10-025.mspx

NICK ADSL UK · May 3, 2010

********************************************************************
Title: Microsoft Security Bulletin Major Revision
Issued: May 3, 2010
********************************************************************

Summary
=======
The following bulletin has undergone a major revision increment.

* MS10-016 - Important

Bulletin Information:
=====================

* MS10-016 - Important
http://blogs.technet.com/msrc/archive/2010/05/03/update-on-ms10-016-for-microsoft-producer.aspx

- Reason for Revision: V2.0 (May 3, 2010): Corrected installation
switches for Movie Maker 2.6 on Windows Vista and Windows 7.
Also, announced availability of Microsoft Producer. Microsoft
recommends that users of Microsoft Producer 2003 upgrade to
the new version, Microsoft Producer.
- Originally posted: March 9, 2010
- Updated: May 3, 2010
- Bulletin Severity Rating: Important
- Version: 2.0
Revisions
• V1.0 (March 9, 2010): Bulletin published.

• V1.1 (March 17, 2010): Corrected the registry keys in the workaround, Remove the Microsoft Producer 2003 .MSProducer, .MSProducerZ, and .MSProducerBF file associations.

• V2.0 (May 3, 2010): Corrected installation switches for Movie Maker 2.6 on Windows Vista and Windows 7. Also, announced availability of Microsoft Producer. Microsoft recommends that users of Microsoft Producer 2003 upgrade to the new version, Microsoft Producer.

.http://www.microsoft.com/technet/security/bulletin/ms10-016.mspx

Log in or Sign up

Microsoft Security Bulletin Summary for April 13, 2010

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

Log in or Sign up

Microsoft Security Bulletin Summary for April 13, 2010

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

NICK ADSL UK Administrator

Useful Searches