Microsoft Security Bulletin Summary for November 9 2010

Microsoft Security Bulletin Summary for November 9 2010

Microsoft Security Bulletin Summary for November 9 2010
Published: November 9 2010

Note: There may be latency issues due to replication, if the page does not display keep refreshing


Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the Microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:
http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx


Critical (1)
Microsoft Security Bulletin MS10-087 - Critical

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930)
Published: November 09, 2010
http://www.microsoft.com/technet/security/bulletin/MS10-087.mspx

important (2)
Microsoft Security Bulletin MS10-088 - Important

Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386)
Published: November 09, 2010
http://www.microsoft.com/technet/security/bulletin/ms10-088.mspx


Microsoft Security Bulletin MS10-089 - Important
Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074)
Published: November 09, 2010
http://www.microsoft.com/technet/security/bulletin/ms10-089.mspx


Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

TechNet Webcast: Information About Microsoft November Security Bulletins (Level 200)
Event ID: 1032454441
Language(s): English.
Product(s): Security.
Audience(s): IT Decision Maker,IT Generalist.


Duration: 90 Minutes
Start Date: Wednesday, November 10, 2010 11:00 AM Pacific Time (US & Canada)

Event Overview
Join us for a brief overview of the technical details of the November security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Dustin Childs, Senior Security Program Manager Lead, Microsoft Corporation


Register now for the November security bulletin webcast.

 

Microsoft® Windows® Malicious Software Removal Tool (KB890830)
Brief Description
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

Version:3.13Date Published:11/9/2010

http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

 

Microsoft Security Bulletin Minor Revisions - Nov 17, 2010

Issued: November 17, 2010

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS10-088 - Important
* MS10-087 - Critical

Bulletin Information:
=====================

* MS10-088 - Important

http://www.microsoft.com/technet/security/bulletin/ms10-088.mspx
- Reason for Revision: V1.2 (November 17, 2010): Clarified that for
Microsoft PowerPoint 2002 and Microsoft PowerPoint 2003,
customers also need to install the Microsoft Office update
provided in MS10-087 to be protected from the vulnerability
described in CVE-2010-2573. This is an informational change
only. Customers who have already successfully applied the
MS10-087 and the MS10-088 updates do not need to take any action.
- Originally posted: November 9, 2010
- Updated: November 17, 2010
- Bulletin Severity Rating: Important
- Version: 1.2

* MS10-087 - Critical

http://www.microsoft.com/technet/security/bulletin/ms10-087.mspx
- Reason for Revision: V1.1 (November 17, 2010): Corrected the
severity table and vulnerability section to add CVE-2010-2573
as a vulnerability addressed by this update. This is an
informational change only.
- Originally posted: November 9, 2010
- Updated: November 17, 2010
- Bulletin Severity Rating: Critical
- Version: 1.1