Microsoft Security Bulletin Summary for March 9, 2010

Microsoft Security Bulletin Summary for March 9, 2010

Microsoft Security Bulletin Summary for March 9, 2010
Published: March 9 2010

Note: There may be latency issues due to replication, if the page does not display keep refreshing


Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:

http://www.microsoft.com/technet/security/bulletin/ms10-mar.mspx

Critical (0)


Important (2)

Microsoft Security Bulletin MS10-017 - Important
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)
Published: March 09, 2010
http://www.microsoft.com/technet/security/Bulletin/MS10-017.mspx


Microsoft Security Bulletin MS10-016 - Important
Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)
Published: March 09, 2010
http://www.microsoft.com/technet/security/Bulletin/MS10-016.mspx

Moderate (0)





Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

TechNet Webcast: Information About Microsoft March Security Bulletins (Level 200)
Event ID: 1032427711

Language(s): English.
Product(s): Security.
Audience(s): IT Generalist.


Duration: 90 Minutes
Start Date: Wednesday, March 10, 2010 11:00 AM Pacific Time (US & Canada)



Event Overview

Join us for a brief overview of the technical details of the March security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Senior Security Program Manager Lead, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation





Register now for the March security bulletin webcast.

 

Microsoft® Windows® Malicious Software Removal Tool (KB890830)
Brief Description
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

New Additions

We have added detection and cleaning capabilities for the following malicious software:

* Pushbot

Win32/Pushbot

Encyclopedia entry
Updated: Mar 04, 2010 | Published: Jan 27, 2010

Aliases

*
* W32/Sdbot.worm.gen.ca (McAfee) SDBot.gen8 (Norman)
* W32.Palevo (Symantec)
* P2P-Worm.Win32.Palevo (Kaspersky)


Alert Level (?)
Severe

http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

 

Microsoft Security Advisory (981374)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published: March 09, 2010
http://www.microsoft.com/technet/security/advisory/981374.mspx

Revisions•
V1.0 (March 9, 2010): Advisory published.

Microsoft Security Advisory (973811)
Extended Protection for Authentication
Published: August 11, 2009 | Updated: March 09, 2010
http://www.microsoft.com/technet/security/advisory/973811.mspx

Revisions: •
V1.0 (August 11, 2009): Advisory published.
•
V1.1 (October 14, 2009): Updated the FAQ with information about a non-security update included in MS09-054 relating to WinINET.
•
V1.2 (December 8, 2009): Updated the FAQ with information about three non-security updates relating to Windows HTTP Services, HTTP Protocol Stack, and Internet Information Services.
•
V1.3 (March 9, 2010): Updated the FAQ to announce the rerelease of the update that enables Internet Information Services to opt in to Extended Protection for Authentication. For more information, see Known issues in Microsoft Knowledge Base Article 973917.

 

Microsoft Security Bulletin Major Revisions

********************************************************************
Title: Microsoft Security Bulletin Major Revisions
Issued: March 9, 2010
********************************************************************

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS09-033 - Important

Bulletin Information:
=====================

* MS09-033 - Important

http://www.microsoft.com/technet/security/bulletin/ms09-033.mspx

- Reason for Revision: V2.0 (March 9, 2010): Rereleased this
bulletin to add Microsoft Virtual Server 2005 to affected
software. No other update packages are affected by this rerelease.
- Originally posted: July 14, 2009
- Updated: March 9, 2010
- Bulletin Severity Rating: Important
- Version: 2.0

 

March 2010 Security Release ISO Image
Brief Description
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on March 9th, 2010.

http://www.microsoft.com/downloads/...FamilyID=4ef25bf7-b869-4b38-a970-08b4092c9b8c

 

MICROSOFT Out-Of-Band Security Bulletin(s) for March 30, 2010

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Out-of-Band Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Full Bulletin Summary:

http://www.microsoft.com/technet/security/bulletin/ms10-mar.mspx

Critical (1)

Microsoft Security Bulletin MS10-018
Cumulative Security Update for Internet Explorer (980182)

http://www.microsoft.com/technet/security/bulletin/ms10-018.mspx

 

Security Bulletin MS10-018 Released

http://blogs.technet.com/msrc/archive/2010/03/30/security-bulletin-ms10-018-released.aspx