Order Now!
Windows 7 for XP ProfessionalsUpdating Support Skills from XP to Windows 7by Bink.nu's Raymond Comvalius
There are 31 guest(s) online.
There are 0 member(s) online.
This is an advance notification of security bulletins that Microsoft is intending to release on May 10, 2011. This bulletin advance notification will be replaced with the May bulletin summary on May 10, 2011.
The following table summarizes the security bulletins for this month in order of severity.
For details on affected software, see the next section, Affected Software.
Bulletin 1
CriticalRemote Code Execution
May require restart
Microsoft Windows
Bulletin 2
ImportantRemote Code Execution
Microsoft Office
Full Story At Source
Today, as part of our usual monthly bulletin cadence, we are providing our Advance Notification Service for February's security bulletins. This month, we'll release 12 bulletins, three of them rated Critical and nine rated Important, addressing issues in Microsoft Windows, Internet Explorer, Office, Visual Studio, and IIS. 22 issues will be addressed.
As part of this month's update, we'll be addressing issues related to two recent Security Advisories, 2490606 (a public vulnerability affecting the Windows Graphics Rendering Engine) and 2488013 (a public vulnerability affecting Internet Explorer). Additionally, we will be addressing an issue affecting FTP service in IIS 7.0 and 7.5.
Continue At Source
The Microsoft Business Ready Security trial environment provides an end to end trial experience across all of the Business Ready Security solutions. The environment provides an opportunity to evaluate protection, access, management and identity technologies as a pre-configured set of VHDs.
The links in this section correspond to separate files available in this download. Download the files most appropriate for you.
Download at Source
We announced back in September that Microsoft Security Essentials would be changing its licensing terms and would soon become available to small business on up to 10 PCs. We are happy to announce that beginning October 7, the change will go into effect and small business owners will be able to download and install Microsoft Security Essentials. This new availability will allow small businesses that operate outside of the home to take advantage of Microsoft’s no-cost antimalware service that will help them save time, save money and remain productive while protecting them from viruses, spyware and other malicious threats. If you operate a small business with more than 10 PCs, we do recommend that you consider using the Forefront line products to address your security needs.
Continue at Source
Today we're releasing our Advance Notification Service (ANS) for the September Security Bulletins, which are scheduled for release Tuesday, September 14, 2010. This is a service we provide to help enterprises plan and prepare for the upcoming security bulletin release.
This month we will be releasing 9 bulletins addressing 13 11 vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office. Four of those bulletins carry a Critical rating, with the rest rated Important.
We recommend as always that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible.
Next Wednesday, September 15th, Adrian Stone and Jerry Bryant will host a public webcast during which they'll go into details about the bulletins, and answer questions live on the air. To register for this webcast in advance:
Date: Wednesday, September 15, 2010 Time: 11:00 a.m. PDT (UTC -7) Registration: https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032454433
Source
As we announced on Friday, today we released Security Bulletin MS10-046 out-of-band to address a vulnerability in Windows. This security update addresses a vulnerability in the handling of shortcuts that affects all currently supported versions of Windows XP, Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2. As our colleagues over in the MMPC have noted, several families of malware have been attempting to attack this vulnerability. The security update protects against attempts to exploit this issue.
For customers using automatic updates, this update will automatically be applied once it is released. Customers not using automatic updates should download, test and deploy this update as quickly as possible.
As we do with every bulletin release, we will be hosting a webcast to address your questions today at 1PM Pacific Time. Register now.
Source: MSRC
Today we are announcing the beta for the next version of Microsoft Security Essentials. Microsoft Security Essentials was first released in September 2009 and is our award-winning no-cost light weight anti-malware service. It’s designed to help address the ongoing security needs of PCs running genuine Windows – helping keep people protected from viruses, spyware, and other malicious software.
New features in the beta of Microsoft Security Essentials include:
Windows Firewall integration – During setup, Microsoft Security Essentials will now ask if you would like to turn the Windows Firewall on or off. Enhanced protection for web-based threats – Microsoft Security Essentials now integrates with Internet Explorer to provide protection against web-based threats. New protection engine – The updated anti-malware engine offers enhanced detection and cleanup capabilities with better performance. Network inspection system* – Protection against network-based exploits is now built in to Microsoft Security Essentials.
To download the beta of Microsoft Security Essentials, click here to visit the Microsoft Connect page to register for the beta. Once completed – you will find the instructions for downloading and installing the beta.
Continue at source
Bulletin ID
Bulletin Title and Executive Summary
MS10-019
Vulnerabilities in Windows Could Allow Remote Code Execution (981210) This security update resolves two privately reported vulnerabilities in Windows Authenticode Verification that could allow remote code execution. An attacker who successfully exploited either vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS10-020
Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232) This security update resolves one publicly disclosed and several privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server.
MS10-025
Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) This security update resolves a privately reported vulnerability in Windows Media Services running on Microsoft Windows 2000 Server. The vulnerability could allow remote code execution if an attacker sent a specially crafted transport information packet to a Microsoft Windows 2000 Server system running Windows Media Services. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. On Microsoft Windows 2000 Server, Windows Media Services is an optional component and is not installed by default.
MS10-026
Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816) This security update resolves a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file containing an MPEG Layer-3 audio stream. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS10-027
Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402) This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS10-021
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users.
MS10-022
Vulnerability in VBScript Could Allow Remote Code Execution (981169) This security update resolves a publicly disclosed vulnerability in VBScript on Microsoft Windows that could allow remote code execution. This security update is rated Important for Microsoft Windows 2000, Windows XP, and Windows Server 2003. On Windows Server 2008, Windows Vista, Windows 7, and Windows Server 2008 R2, the vulnerable code is not exploitable, however, as the code is present, this update is provided as a defense-in-depth measure and has no severity rating. The vulnerability could allow remote code execution if a malicious Web site displayed a specially crafted dialog box on a Web page and a user pressed the F1 key, causing the Windows Help System to be started with a Windows Help File provided by the attacker. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
MS10-023
Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160) This security update resolves a privately reported vulnerability in Microsoft Office Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS10-024
Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Exchange and Windows SMTP Service. The more severe of these vulnerabilities could allow denial of service if an attacker sent a specially crafted DNS response to a computer running the SMTP service. By default, the SMTP component is not installed on Windows Server 2003, Windows Server 2003 x64 Edition, or Windows XP Professional x64 Edition.
MS10-028
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094) This security update resolves two privately reported vulnerabilities in Microsoft Office Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS10-029
Vulnerabilities in Windows ISATAP Component Could Allow Spoofing (978338) This security update resolves one privately reported vulnerability in Microsoft Windows. This security update is rated Moderate for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. Windows 7 and Windows Server 2008 R2 are not vulnerable because these operating systems include the feature deployed by this security update. This vulnerability could allow an attacker to spoof an IPv4 address so that it may bypass filtering devices that rely on the source IPv4 address. The security update addresses the vulnerability by changing the manner in which the Windows TCP/IP stack checks the source IPv6 address in a tunneled ISATAP packet.
Next Tuesday we will release 11 bulletins addressing 25 vulnerabilities in Windows, Microsoft Office, and Microsoft Exchange. We recommend that customers review the ANS summary page and prepare to test and deploy the bulletins as quickly as possible.
Microsoft Security Bulletin Advance Notification for April 2010
I also want to point out to customers that we will be closing the following open Security Advisories with next week’s updates:
· Microsoft Security Advisory (981169) - Vulnerability in VBScript Could Allow Remote Code Execution.
· Microsoft Security Advisory (977544) - Vulnerability in SMB Could Allow Denial of Service
Microsoft would also like to remind you all that it is extremely important for customers to move to supported platforms because after the dates below, those products/service packs will no longer receive security updates.
Today we released MS10-018 out-of-band due to increases in attacks against Internet Explorer 6 and Internet Explorer 7 using the vulnerability discussed in Security Advisory 981374. I want to reiterate that Internet Explorer 8 is not affected by this issue so customers using this version are not affected by these attacks and we continue to encourage customers to upgrade to the newer version because it provides more security and protection.
MS10-018 is a typical cumulative update for Internet Explorer and was originally going to be released during the normal update cycle on the 13th of April. The Internet Explorer team accelerated testing of this update due to the growing attacks against the publicly disclosed vulnerability (CVE-2010-0806), and the update has reached the appropriate quality bar for distribution to customers. Releasing the update early provides Internet Explorer 6 and 7 customers protection against the active attacks and provides users of all versions of Internet Explorer protection against nine other vulnerabilities.
I clarify this in the following video:
listening and viewing options:
Note: Internet Explorer 6 and 7 are the only versions affected by the active attacks, why does the Advance Notification page state that Internet Explorer 8 and Windows 7 are affected? To clarify, the Security Advisory was released due to one vulnerability that is under active attack. That vulnerability only affects Internet Explorer 6 and 7. However, the bulletin, MS10-018, that we will release tomorrow, addresses 9 additional vulnerabilities. Some of those also affect Internet Explorer 8. All of the 9 additional vulnerabilities were responsibly disclosed and we are not aware of any active attacks against them.
The Microsoft Security Response Center (MSRC)
MSRC Blog: Today we are providing advance notification to customers that we will be releasing two bulletins this month affecting Windows and Microsoft Office products. Both bulletins are rated Important and address a total of 8 vulnerabilities.
We recommend that customers review the Advance Notification webpage and prepare to deploy these bulletins as soon as possible. To provide additional guidance for deployment prioritization, customers should note that both bulletins will address issues that would require a user to open a specially crafted file. There are no network based attack vectors.
We’re also continuing to monitor the situation with Security Advisory 981169, the VBScript issue disclosed on Monday. There are no known attacks but we encourage customers to review the advisory and apply the suggested workarounds where possible. Customers that are running Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista are not affected.
As always, we will be hosting a public webcast where we will go in to details about the bulletins for March and where customers can ask questions. We will have a room full of engineers on hand to answer those questions live during the webcast. Here are the details:
MSRC blog:
In our continuing investigation in to the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes at this time and are still investigating. Please review our blog post from yesterday for additional information.
One of the key components when investigating issues like this are obtaining memory dumps from computers experiencing the problem. In order to get the information we need to fully analyze the issue, some of our support engineers have actually driven to customer locations and picked up affected systems so we can get the needed crash data directly and help inform our investigation. For more information about memory dumps, please see: http://support.microsoft.com/kb/254649.
We encourage customers to follow our “Protect Your PC” best practices and always have up to date anti-virus software running on their systems to help prevent malware infections. For customers who do not have anti-virus software, you can either scan your system using our online tool at http://safety.live.com or you can install Microsoft Security Essentials for free.
This can be a difficult issue to solve once a computer is in an un-bootable state so we encourage customers who feel they have been impacted by this to contact our Customer Service and Support group by either going to https://consumersecuritysupport.microsoft.com or by calling 1-866-PCSafety (1-866-727-2338). International customers can find local support contact numbers here: http://support.microsoft.com/common/international.aspx.
MSRC Blog:
I am writing to let you know that we are aware that after installing the February security updates a limited number of users are experiencing issues restarting their computers. Our initial analysis suggests that the issue occurs after installing MS10-015 (KB977165). However, we have not confirmed that the issue is specific to MS10-015 or if it is an interoperability problem with another component or third-party software. Our teams are working to resolve this as quickly as possible. We also stopped offering this update through Windows Update as soon as we discovered the restart issues. However, those using enterprise deployment systems such as SMS or WSUS will still see and be able to deploy these packages.
As you may recall from previous blog posts, MS10-015 is an Elevation of Privilege that would require the attacker to have valid credentials in order to be able to leverage the vulnerability in an attack. Several other updates in this release were identified as having a high priority for deployment and we continue to encourage customers to thoroughly test the updates and deploy them immediately. At this time, we are not aware of any issues with the other updates that were released this month and we continue to encourage customers to install them as soon as possible in order to help ensure that they protected from the vulnerabilities they address.
While we work to address this issue, customers who choose not to install the update can implement the workaround outlined in the bulletin. CVE-2010-0232 was publicly disclosed and we previously issued Security Advisory 979682 in response. Customers can disable the NTVDM subsystem as a workaround and we have provided an automated method of doing that with a Microsoft Fix It that you can find here: http://support.microsoft.com/kb/979682.
Customers who are experiencing issues after installing any of our security updates can get help resolving the issues by either going to https://consumersecuritysupport.microsoft.com or by calling 1-866-PCSafety (1-866-727-2338). International customers can find local support contact numbers here: http://support.microsoft.com/common/international.aspx.
Today Microsoft released 13 bulletins addressing 26 vulnerabilities. 11 bulletins affect Windows and 2 affect older versions of Microsoft Office.
ID
Maximum Severity Rating and Vulnerability Impact
Restart Requirement
Affected Software
MS10-006
Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251) This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a malicious SMB server.
Critical Remote Code Execution
Requires restart
MS10-007
Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713) This security update resolves a privately reported vulnerability in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not impacted by this security update. The vulnerability could allow remote code execution if an application, such as a Web browser, passes specially crafted data to the ShellExecute API function through the Windows Shell Handler.
MS10-008
Cumulative Security Update of ActiveX Kill Bits (978262) This security update addresses a privately reported vulnerability for Microsoft software. This security update is rated Critical for all supported editions of Microsoft Windows 2000 and Windows XP, Important for all supported editions of Windows Vista and Windows 7, Moderate for all supported editions of Windows Server 2003, and Low for all supported editions of Windows Server 2008 and Windows Server 2008 R2. The vulnerability could allow remote code execution if a user views a specially crafted Web page that instantiates an ActiveX control with Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes kill bits for four third-party ActiveX controls.
MS10-009
Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145) This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if specially crafted packets are sent to a computer with IPv6 enabled. An attacker could try to exploit the vulnerability by creating specially crafted ICMPv6 packets and sending the packets to a system with IPv6 enabled. This vulnerability may only be exploited if the attacker is on-link.
MS10-013
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935) This security update resolves a privately reported vulnerability in Microsoft DirectShow. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS10-003
Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214) This security update resolves a privately reported vulnerability in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Important Remote Code Execution
MS10-004
Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416) This security update resolves six privately reported vulnerabilities in Microsoft Office PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS10-010
Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894) This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a malformed sequence of machine instructions is run by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to log on locally into a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
Important Denial of Service
MS10-011
Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037) This security update resolves a privately reported vulnerability in Microsoft Windows Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not affected. The vulnerability could allow elevation of privilege if an attacker logs on to the system and starts a specially crafted application designed to continue running after the attacker logs out. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.
Important Elevation of Privilege
MS10-012
Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468) This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities.
MS10-014
Vulnerability in Kerberos Could Allow Denial of Service (977290) This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow a denial of service if a specially crafted ticket renewal request is sent to the Windows Kerberos domain from an authenticated user on a trusted non-Windows Kerberos realm. The denial of service could persist until the domain controller is restarted.
MS10-015
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165) This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.
MS10-005
Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706) This security update resolves a privately reported vulnerability in Microsoft Paint. The vulnerability could allow remote code execution if a user viewed a specially crafted JPEG image file using Microsoft Paint. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Moderate Remote Code Execution
- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
- Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems(Windows Server 2008 R2 Server Core installation affected)
- Windows Server 2008 R2 for Itanium-based Systems
- Impact: Remote Code Execution
Bulletin 3
- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 R2 for x64-based Systems (Windows Server 2008 R2 Server Core installation not affected)
Bulletin 4
Bulletin 6
- Microsoft Windows 2000 Service Pack 4 - Windows XP Service Pack 2 and Windows XP Service Pack 3
Important Security Bulletins:
Bulletin 7
- Microsoft Office XP Service Pack 3
- Microsoft Office 2004 for Mac
Bulletin 8
- Microsoft Office PowerPoint 2002 Service Pack 3
- Microsoft Office PowerPoint 2003 Service Pack 3
Bulletin 9
- Windows Server 2008 R2 for x64-based Systems (Windows Server 2008 R2 Server Core installation affected)
- Impact: Denial of Service
Bulletin 10
- Impact: Elevation of Privilege
Bulletin 5
Bulletin 11
- Microsoft Windows 2000 Server Service Pack 4
Bulletin 12
Moderate Security Bulletins:
Bulletin 13
Other Information:
Microsoft Windows Malicious Software Removal Tool:
Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.
Open security advisories
A summary of the three open Security Advisories so customers know what to expect on Tuesday:
· Advisory 980088, Vulnerability in Internet Explorer Could Allow Information Disclosure: this advisory was released yesterday (Feb 3). We do not have an update for this issue planned for the normal February bulletin release. However, this vulnerability only affects versions of windows older than Vista in their default configuration, and there is a “Fix It” available so customers in non-default configurations can protect themselves.
· Advisory 979682, Vulnerability in Windows Kernel Could Allow Elevation of Privilege: we are on track to release an update for this issue next Tuesday.
· Advisory 977544, Vulnerability in SMB Could Allow Denial of Service: we are still working on an update for this issue so it will not be addressed in the February bulletins. As a reminder, this issue cannot be used to allow an attacker to take control of a system remotely, but instead results in a system becoming unresponsive due to resource consumption.
We are not aware of any attacks on these vulnerabilities and continue to encourage customers to implement the mitigations and workarounds outlined in the advisories.
Windows versions end of support:
Important information about Windows versions that are reaching the end of their product lifecycle. Customers using these versions should consider upgrading before support for these products end as, once they do, we will no longer provide security updates: