Microsoft Security Bulletin Summary for October 12 2010

Microsoft Security Bulletin Summary for October 12 2010

Microsoft Security Bulletin Summary for October 12 2010
Published: October 12 2010

Note: There may be latency issues due to replication, if the page does not display keep refreshing


Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the Microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:

http://www.microsoft.com/technet/security/bulletin/ms10-oct.mspx

Critical (4)
Cumulative Security Update for Internet Explorer (2360131)
http://go.microsoft.com/fwlink/?LinkId=202013

Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)
http://go.microsoft.com/fwlink/?LinkId=201722

Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)
http://go.microsoft.com/fwlink/?LinkId=194560

Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)
http://go.microsoft.com/fwlink/?LinkId=201704

Important (10)
Vulnerabilities in SafeHTML Could Allow Information Disclosure (241204
http://go.microsoft.com/fwlink/?LinkID=202016

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
http://go.microsoft.com/fwlink/?LinkId=201093

Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)
http://go.microsoft.com/fwlink/?LinkId=201084

Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
http://go.microsoft.com/fwlink/?LinkId=201696

Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
http://go.microsoft.com/fwlink/?LinkId=200529

Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)
http://go.microsoft.com/fwlink/?LinkId=201086

Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)
http://go.microsoft.com/fwlink/?LinkId=201098

Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)
http://go.microsoft.com/fwlink/?LinkId=190553

Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)
http://go.microsoft.com/fwlink/?LinkId=201720

Vulnerability in SChannel Could Allow Denial of Service (2207566)
http://go.microsoft.com/fwlink/?LinkId=201705



Moderate (2)
Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)
http://go.microsoft.com/fwlink/?LinkId=201703

Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)
http://go.microsoft.com/fwlink/?LinkId=201721


Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

TechNet Webcast: Information About Microsoft October Security Bulletins (Level 200)
Event ID: 1032454437

Language(s): English.
Product(s): Security.
Audience(s): IT Decision Maker,IT Generalist.


Duration: 90 Minutes
Start Date: Wednesday, October 13, 2010 11:00 AM Pacific Time (US & Canada)

Event Overview
Join us for a brief overview of the technical details of the October security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Jonathan Ness, Principle Security SDE Lead, MSRC, Microsoft Corporation


Register now for the October security bulletin webcast.

 

Microsoft® Windows® Malicious Software Removal Tool (KB890830)
Brief Description
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

Quick Details

--------------------------------------------------------------------------------

Version:3.12Date Published:10/12/2010
http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

 

Microsoft Security Advisory (973811)
Extended Protection for Authentication
Published: August 11, 2009 | Updated: October 12, 2010

Revisions:

• V1.0 (August 11, 2009): Advisory published.

• V1.1 (October 14, 2009): Updated the FAQ with information about a non-security update included in MS09-054 relating to WinINET.

• V1.2 (December 8, 2009): Updated the FAQ with information about three non-security updates relating to Windows HTTP Services, HTTP Protocol Stack, and Internet Information Services.

• V1.3 (March 9, 2010): Updated the FAQ to announce the rerelease of the update that enables Internet Information Services to opt in to Extended Protection for Authentication. For more information, see Known issues in Microsoft Knowledge Base Article 973917.

• V1.4 (April 14, 2010): Updated the Suggested Actions section to direct customers to the "What other actions is Microsoft taking to implement this feature?" entry in the section, Frequently Asked Questions.

• V1.5 (June 8, 2010): Updated the FAQ with information about six non-security updates enabling .NET Framework to opt in to Extended Protection for Authentication.

• V1.6 (September 14, 2010): Updated the FAQ with information about a non-security update enabling Outlook Express and Windows Mail to opt in to Extended Protection for Authentication.

• V1.7 (October 12, 2010): Updated the FAQ with information about a non-security update enabling Windows Server Message Block (SMB) to opt in to Extended Protection for Authentication.

http://www.microsoft.com/technet/security/advisory/973811.mspx

 

Microsoft Security Bulletin MS10-085 - Important
Vulnerability in SChannel Could Allow Denial of Service (2207566)
Published: October 12, 2010 | Updated: October 18, 2010

Revisions
•

V1.0 (October 12, 2010): Bulletin published.
•

V2.0 (October 18, 2010): Corrected the bulletin text to clarify that the vulnerability can be exploited on affected systems that are configured to receive SSL network traffic. This is an informational change only. Customers who have already successfully updated their systems, including customers with automatic updating enabled, do not need to take any action. Customers who have not installed this update previously may need to reassess whether their systems require this update based on the vulnerability information as revised.

http://www.microsoft.com/technet/security/bulletin/MS10-085.mspx?pubDate=2010-10-18

 

Microsoft Security Bulletin MS10-077 - Critical
Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)
Published: October 12, 2010 | Updated: October 26, 2010

Revisions
• V1.0 (October 12, 2010): Bulletin published.

• V1.1 (October 13, 2010): Changed the vulnerability severity rating for Windows Server 2008 and Windows Server 2008 R2 to Important. Also added a link to Microsoft Knowledge Base Article 2160841 under Known Issues in the Executive Summary, and revised the vulnerability mitigations.

• V1.2 (October 26, 2010): Revised this bulletin to announce a detection change to fix an installation issue. This is a detection change only. There were no changes to the security update. Customers who have already installed the update successfully do not need to reinstall.

http://www.microsoft.com/technet/security/bulletin/ms10-077.mspx

 

Microsoft Security Advisory (2458511)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published: November 03, 2010

Version: 1.0

General Information
Executive Summary
Microsoft is investigating new, public reports of a vulnerability in all supported versions of Internet Explorer. The main impact of the vulnerability is remote code execution. This advisory contains workarounds and mitigations for this issue.

The vulnerability exists due to an invalid flag reference within Internet Explorer. It is possible under certain conditions for the invalid flag reference to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.

At this time, we are aware of targeted attacks attempting to use this vulnerability. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

http://www.microsoft.com/technet/security/advisory/2458511.mspx