Microsoft Security Bulletin Summary for december 14 2010

Discussion in 'other security issues & news' started by NICK ADSL UK, Dec 14, 2010.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Bulletin Summary for december 14 2010

    Microsoft Security Bulletin Summary for december 14 2010
    Published: december 14 2010


    Note: There may be latency issues due to replication, if the page does not display keep refreshing


    Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the Microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


    Today Microsoft released the following Security Bulletin(s).

    Bulletin Summary:

    http://www.microsoft.com/technet/security/bulletin/ms10-dec.mspx

    Critical (2)
    Microsoft Security Bulletin MS10-090
    Cumulative Security Update for Internet Explorer (2416400)
    http://www.microsoft.com/technet/security/bulletin/ms10-090.mspx

    Microsoft Security Bulletin MS10-091
    Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution (2296199)
    http://www.microsoft.com/technet/security/bulletin/ms10-091.mspx



    Important (14)
    Microsoft Security Bulletin MS10-092
    Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420)
    http://www.microsoft.com/technet/security/bulletin/ms10-092.mspx

    Microsoft Security Bulletin MS10-093
    Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (2424434)
    http://www.microsoft.com/technet/security/bulletin/ms10-093.mspx



    Microsoft Security Bulletin MS10-094
    Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961)
    http://www.microsoft.com/technet/security/bulletin/ms10-094.mspx

    Microsoft Security Bulletin MS10-095
    Vulnerability in Microsoft Windows Could Allow Remote Code Execution (238567:cool:
    http://www.microsoft.com/technet/security/bulletin/ms10-095.mspx

    Microsoft Security Bulletin MS10-096
    Vulnerability in Windows Address Book Could Allow Remote Code Execution (2423089)
    http://www.microsoft.com/technet/security/bulletin/ms10-096.mspx

    Microsoft Security Bulletin MS10-097
    Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)
    http://www.microsoft.com/technet/security/bulletin/ms10-097.mspx

    Microsoft Security Bulletin MS10-098
    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)
    http://www.microsoft.com/technet/security/bulletin/ms10-098.mspx

    Microsoft Security Bulletin MS10-099
    Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591)
    http://www.microsoft.com/technet/security/bulletin/ms10-099.mspx

    Microsoft Security Bulletin MS10-100
    Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962)
    http://www.microsoft.com/technet/security/bulletin/ms10-100.mspx

    Microsoft Security Bulletin MS10-101
    Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)
    http://www.microsoft.com/technet/security/bulletin/ms10-101.mspx

    Microsoft Security Bulletin MS10-102
    Vulnerability in Hyper-V Could Allow Denial of Service (2345316)
    http://www.microsoft.com/technet/security/bulletin/ms10-102.mspx

    Microsoft Security Bulletin MS10-103
    Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292970)
    http://www.microsoft.com/technet/security/bulletin/ms10-103.mspx

    Microsoft Security Bulletin MS10-104
    Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005)
    http://www.microsoft.com/technet/security/bulletin/ms10-104.mspx

    Microsoft Security Bulletin MS10-105
    Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)
    http://www.microsoft.com/technet/security/bulletin/ms10-105.mspx

    Moderate (1)


    Microsoft Security Bulletin MS10-106
    Vulnerability in Microsoft Exchange Server Could Allow Denial of Service (2407132)
    http://www.microsoft.com/technet/security/bulletin/ms10-106.mspx




    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    TechNet Webcast: Information About Microsoft December Security Bulletins (Level 200)
    Event ID: 1032454444



    Language(s): English.
    Product(s): Other.
    Audience(s): IT Generalist.



    Event Overview
    Join us for a brief overview of the technical details of the December security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

    Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Jonathan Ness, Principal Security SDE Lead, MSRC, Microsoft Corporation




    Register now for the December security bulletin webcast.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Bulletin Re-Releases - Dec. 14, 2010
    Issued: December 14, 2010

    Summary
    =======
    The following bulletins have undergone a major revision increment.
    Please see the appropriate bulletin for more details.

    * MS10-083 - Important
    * MS10-077 - Critical
    * MS10-070 - Important

    Bulletin Information:
    =====================

    * MS10-083 - Important
    http://www.microsoft.com/technet/security/bulletin/ms10-083.mspx

    - Reason for Revision: V2.0 (December 14, 2010): Added an update
    FAQ to announce an additional update for Windows Vista
    Service Pack 2 (KB97968:cool: and Windows Server 2008 Service
    Pack 2 (KB97968:cool: for users who have installed Windows Search
    4.0 on Windows Vista Service Pack 1 or Windows Server 2008,
    then installed the security update offered in KB2405882, and
    then migrated to Windows Vista Service Pack 2 or Windows
    Server 2008 Service Pack 2. Customers in this scenario will
    need to install the new update offered in KB2405882 to be
    protected against the vulnerability described in this bulletin.
    - Originally posted: October 12, 2010
    - Updated: December 14, 2010
    - Bulletin Severity Rating: Important
    - Version: 2.0

    * MS10-077 - Critical


    http://www.microsoft.com/technet/security/bulletin/ms10-077.mspx
    - Reason for Revision: V2.0 (December 14, 2010): Added an update
    FAQ to announce that new update packages are available for
    .NET Framework 4.0 to correct an issue in the setup that
    could interfere with the successful installation of other
    updates and/or products. Customers who have already
    successfully updated their systems do not need to take any action.
    - Originally posted: October 12, 2010
    - Updated: December 14, 2010
    - Bulletin Severity Rating: Critical
    - Version: 2.0

    * MS10-070 - Important

    http://www.microsoft.com/technet/security/bulletin/ms10-070.mspx
    - Reason for Revision: V3.0 (December 14, 2010): Added an update
    FAQ to announce that new update packages are available for
    .NET Framework 4.0 (KB2416472) to correct an issue in the
    setup that could interfere with the successful installation
    of other updates and/or products. Customers who have already
    successfully updated their systems do not need to take any action.
    - Originally posted: September 28, 2010
    - Updated: December 14, 2010
    - Bulletin Severity Rating: Important
    - Version: 3.0
    --
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Reason for Revision: V2.0 (December 15, 2010):
    Announced the
    availability of the security updates for Microsoft Office
    2008 for Mac (KB2476512) and Open XML File Format Converter
    for Mac (KB2476511). Microsoft recommends that users of these
    software apply these updates at the earliest opportunity.
    - Originally posted: November 9, 2010
    - Updated: December 15, 2010
    - Bulletin Severity Rating: Critical
    - Version: 2.0

    http://www.microsoft.com/technet/security/bulletin/ms10-087.mspx
     
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Advisory Notification - Dec. 17, 2010
    Issued: December 17, 2010

    Security Advisories Updated or Released Today
    ==============================================

    * Microsoft Security Advisory (973811)
    - Title: Extended Protection for Authentication

    http://www.microsoft.com/technet/security/advisory/973811.mspx
    - Revision Note: V1.9 (December 17, 2010): Removed the FAQ
    entry, originally added December 14, 2010, about a
    non-security update enabling Microsoft Outlook to opt in to
    Extended Protection for Authentication.
     
  8. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    On Tuesday, December 14, we released an update (KB2412171) for Microsoft Outlook 2007.

    http://blogs.msdn.com/b/outlook/arc...-with-the-recent-update-for-outlook-2007.aspx
     
  9. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
    Microsoft Security Advisory (2488013)

    Microsoft Security Advisory (2488013)
    Vulnerability in Internet Explorer Could Allow Remote Code Execution
    Published: December 22, 2010

    Version: 1.0

    Revisions
    • V1.0 (December 22, 2010): Advisory published.

    http://www.microsoft.com/technet/security/advisory/2488013.mspx
     
  10. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,218
    Location:
    UK
Loading...
Thread Status:
Not open for further replies.