
Critical Product Vulnerability – July 2010 Microsoft Security Bulletin Release

Date: 14 July 2010, by the author, filed under Security
What is the purpose of this alert?

This alert provides an overview of the new security bulletins released on July 13, 2010. Security bulletins are released monthly to resolve security vulnerabilities in Microsoft products.

New Security Bulletins

Microsoft is releasing the following four new security bulletins for newly discovered vulnerabilities:

Bulletin ID | Bulletin Title | Maximum Severity Rating | Vulnerability Impact | Restart Requirement | Affected Software
MS10-042 | Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593) | Critical | Remote Code Execution | May require restart | Microsoft Windows XP and Windows Server 2003
MS10-043 | Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276) | Critical | Remote Code Execution | Requires restart | Microsoft Windows 7 for x64-based systems and Windows Server 2008 R2 for x64-based systems
MS10-044 | Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335) | Critical | Remote Code Execution | May require restart | Microsoft Office Access 2003 and Office Access 2007
MS10-045 | Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212) | Important | Remote Code Execution | May require restart | Microsoft Office Outlook 2002, Office Outlook 2003, and Office Outlook 2007

Note: The affected software listed in this table is a summary. For the complete list, open the bulletin linked in the first column and navigate to the Affected Software section of the page.

Summaries for new bulletin(s) may be found at http://www.microsoft.com/technet/security/bulletin/MS10-jul.mspx.

Microsoft Windows Malicious Software Removal Tool

Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. Information on the Microsoft Windows Malicious Software Removal Tool is available at http://support.microsoft.com/?kbid=890830.

High Priority Non-Security Updates

High-priority non-security updates that Microsoft releases on Microsoft Update (MU), Windows Update (WU), or Windows Server Update Services (WSUS) are detailed in the KB article at http://support.microsoft.com/?id=894199.

Public Bulletin Webcast

Microsoft will host a webcast to address customer questions on these bulletins:

Title: Information about Microsoft July Security Bulletins (Level 200)

Date: Wednesday, July 14, 2010, 11:00 A.M. Pacific Time (U.S. and Canada)

URL: https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032454299

New Security Bulletin Technical Details

In the following tables of affected and non-affected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit the Microsoft Support Lifecycle web site at http://support.microsoft.com/lifecycle/.

Bulletin Identifier Microsoft Security Bulletin MS10-042
Bulletin Title Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593)
Executive Summary This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message.

The security update addresses the vulnerability by modifying the manner in which data is validated when passed to the Windows Help and Support Center.

This security update also addresses the vulnerability first described in Microsoft Security Advisory 2219475.

Severity Ratings and Affected Software This security update is rated Critical for all supported editions of Windows XP, and Low for all supported editions of Windows Server 2003.
Attack Vectors
  • A maliciously crafted Web page.
  • A maliciously crafted e-mail.
Mitigating Factors
  • Users would have to be persuaded to visit a malicious web site.
  • The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message.
  • Exploitation only gains the same user rights as the logged on account. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Restart Requirement This update may require a restart.
Bulletins Replaced by This Update None
Full Details http://www.microsoft.com/technet/security/bulletin/MS10-042.mspx
Bulletin Identifier Microsoft Security Bulletin MS10-043
Bulletin Title Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)
Executive Summary This security update resolves a publicly disclosed vulnerability in the Canonical Display Driver (cdd.dll). Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomization. In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.

The security update addresses the vulnerability by correcting the manner in which the Canonical Display Driver parses information copied from user mode to kernel mode.

This security update also addresses the vulnerability first described in Microsoft Security Advisory 2028859.

Severity Ratings and Affected Software This security update is rated Critical for x64-based editions of Windows 7 and Important for Windows Server 2008 R2.
Attack Vectors
  • A maliciously crafted image file.
  • Common delivery mechanisms: a maliciously crafted Web page, an e-mail attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
Mitigating Factors
  • This vulnerability only impacts Windows systems that have the Windows Aero theme installed.
  • By default, Windows Aero is not enabled in Windows Server 2008 R2, and the platform does not include Aero-capable graphics drivers.
  • Users would have to be persuaded to visit a malicious web site.
Restart Requirement This update requires a restart.
Bulletins Replaced by This Update None
Full Details http://www.microsoft.com/technet/security/bulletin/MS10-043.mspx
Bulletin Identifier Microsoft Security Bulletin MS10-044
Bulletin Title Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)
Executive Summary This security update resolves two privately reported vulnerabilities in Microsoft Office Access ActiveX Controls. The vulnerabilities could allow remote code execution if a user opened a specially crafted Office file or viewed a Web page that instantiated Access ActiveX controls.

The update addresses the vulnerabilities by updating specific Access ActiveX controls and by modifying the way memory is accessed by Microsoft Office and by Internet Explorer when loading Access ActiveX controls.

Severity Ratings and Affected Software This security update is rated Critical for supported editions of Microsoft Office Access 2003 and Microsoft Office Access 2007.
Attack Vectors
  • A maliciously crafted Web page.
  • A maliciously crafted e-mail attachment.
Mitigating Factors
  • Users would have to be persuaded to visit a malicious web site.
  • Exploitation only gains the same user rights as the logged on account. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • By default, all versions of Outlook, Outlook Express, and Windows Mail open HTML e-mail messages in the Restricted Sites zone.
  • By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode (Enhanced Security Configuration), which limits what a crafted Web page can do.
Restart Requirement This update may require a restart.
Bulletins Replaced by This Update None
Full Details http://www.microsoft.com/technet/security/bulletin/MS10-044.mspx
Bulletin Identifier Microsoft Security Bulletin MS10-045
Bulletin Title Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)
Executive Summary This security update resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opened an attachment in a specially crafted e-mail message using an affected version of Microsoft Office Outlook.

The update addresses the vulnerability by modifying the way that Microsoft Office Outlook verifies attachments in a specially crafted e-mail message.

Severity Ratings and Affected Software This security update is rated Important for all supported editions of Microsoft Office Outlook 2002, Microsoft Office Outlook 2003, and Microsoft Office Outlook 2007.
Attack Vectors
  • A maliciously crafted e-mail attachment.
Mitigating Factors
  • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Cannot be exploited automatically through e-mail, because a user must open an attachment that is sent in an e-mail message.
Restart Requirement This update may require a restart.
Bulletins Replaced by This Update MS09-060
Full Details http://www.microsoft.com/technet/security/bulletin/MS10-045.mspx
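The bulletin tables above give everything needed for a first-pass exposure check: which products each bulletin touches, the KB number of the fix, and the severity for each product (MS10-042, for instance, is Critical on Windows XP but only Low on Windows Server 2003). The following is an added example, not part of the original alert and not Microsoft tooling. It takes a per-host product list plus an installed-update dump in the style of `wmic qfe get HotFixID`, extracts the KB identifiers, and reports which of the four July 2010 bulletins are still missing, ordered by the worst applicable severity. The host names and inventory dumps are constructed for the example. One assumption to keep in mind: the check identifies a fix by the bulletin's KB number as printed in the table; where a deployment package for an Office product carries its own per-product KB, that number has to be added to the bulletin's `kbs` set.

```python
import re

# Per-bulletin data taken from the bulletin tables above: the KB article number
# of the fix and the severity rating for each affected product.
# Assumption (not from the page): the inventory identifies the installed fix by
# that same KB number. Add per-product package KBs to "kbs" if yours differ.
BULLETINS = {
    "MS10-042": {
        "kbs": {"KB2229593"},
        "severity": {"Windows XP": "Critical", "Windows Server 2003": "Low"},
    },
    "MS10-043": {
        "kbs": {"KB2032276"},
        "severity": {"Windows 7 x64": "Critical",
                     "Windows Server 2008 R2 x64": "Important"},
    },
    "MS10-044": {
        "kbs": {"KB982335"},
        "severity": {"Access 2003": "Critical", "Access 2007": "Critical"},
    },
    "MS10-045": {
        "kbs": {"KB978212"},
        "severity": {"Outlook 2002": "Important", "Outlook 2003": "Important",
                     "Outlook 2007": "Important"},
    },
}

# Lower number = more urgent; used to sort gaps and pick the worst rating.
SEVERITY_ORDER = {"Critical": 0, "Important": 1, "Moderate": 2, "Low": 3}

KB_RE = re.compile(r"\bKB\d{6,7}\b")


def parse_installed_kbs(inventory_text):
    """Extract KB identifiers from an inventory dump such as the output of
    `wmic qfe get HotFixID` or an Add/Remove Programs export."""
    return set(KB_RE.findall(inventory_text))


def missing_bulletins(products, installed_kbs):
    """Return [(bulletin_id, severity)] for bulletins that apply to any of the
    host's products and whose fix is absent from installed_kbs, worst first."""
    gaps = []
    for bid, info in BULLETINS.items():
        ratings = [info["severity"][p] for p in products if p in info["severity"]]
        if not ratings:
            continue                      # bulletin does not apply to this host
        if info["kbs"] & installed_kbs:
            continue                      # fix already present
        worst = min(ratings, key=SEVERITY_ORDER.__getitem__)
        gaps.append((bid, worst))
    gaps.sort(key=lambda g: (SEVERITY_ORDER[g[1]], g[0]))
    return gaps


# Constructed sample inventory (hypothetical hosts): product list plus a
# `wmic qfe`-style HotFixID dump for each.
SAMPLE_HOSTS = {
    "xp-desk01": (
        ["Windows XP", "Outlook 2003", "Access 2003"],
        "HotFixID\nKB2229593\nKB979559\nKB978212\n",
    ),
    "srv2003-01": (
        ["Windows Server 2003"],
        "HotFixID\nKB979559\n",
    ),
    "w7-x64-05": (
        ["Windows 7 x64", "Outlook 2007"],
        "HotFixID\nKB982335\n",
    ),
}


def check_hosts(hosts=SAMPLE_HOSTS):
    """Map each host name to its list of missing (bulletin, severity) pairs."""
    return {name: missing_bulletins(products, parse_installed_kbs(dump))
            for name, (products, dump) in hosts.items()}


if __name__ == "__main__":
    for host, gaps in check_hosts().items():
        status = ", ".join(f"{b} ({s})" for b, s in gaps) or "up to date for July 2010"
        print(f"{host}: {status}")
```

Severity here is the bulletin's rating for the product, not a measure of actual exposure: a Windows 7 x64 host without the Aero theme enabled, or a Server 2008 R2 host with Aero disabled (the default), is flagged for MS10-043 but falls under the mitigating factors listed above, so the output is a prioritised work list rather than a verdict.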

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft’s security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

Thank you,

© Hakan Uzuner