Bink.nu Services

Subscribe to our feed 

 


Order Now!

Windows 7 for XP Professionals
Updating Support Skills from XP to Windows 7
by Bink.nu's Raymond Comvalius

Who is online

There are 38 guest(s) online.

There are 0 member(s) online.

Sponsors



Popular Tags

Archives

June 2010 Security Bulletin Release
Posted by Steven Bink June 8, 2010 8:11 PM with no comments

Critical

  • MS10-033 is a remote code execution vulnerability in both Quartz.dll and Asycfilt.dll and is rated Critical on all supported versions of Windows. Specially crafted media files could trigger the vulnerability when a user visits a web page or opens a malicious file.
  • MS10-034 is a cumulative update for ActiveX Kill Bits and is Critical on Windows 2000, XP, Vista, and Windows 7. There are two Microsoft controls we are applying Kill Bits for. Those are the Internet Explorer 8 Developer Tools control, and the Data Analyzer ActiveX control. The latter control is not installed by default. In addition, there are Kill Bits for four third-party controls. Please review the bulletin for additional details.
  • MS10-035 is a cumulative update for Internet Explorer. Of the six vulnerabilities addressed in the bulletin, only one, an information disclosure vulnerability, is publicly known. This issue was identified in Security Advisory 980088. We remain unaware of any active attacks against this vulnerability.

  • MS10-032 is an elevation of privilege issue in the affected Microsoft products. There is a potential remote vector if applications fail to properly request the length of the buffer when calling the affected API. All Microsoft applications make this call properly but there may be applications out there that do not. Regardless, installing this update addresses the issue for all vectors. See our Security Research & Defense (SRD) blog for more details on this one.
  • MS10-036 is a COM validation update. The issue could result in an attack through ActiveX in Office applications. This is not a new attack vector but the underlying vulnerability is and the bulletin addresses it. For additional clarification, I want to point out that Office XP does not have the architecture needed for the update. However, for customers running Office XP on Windows XP or newer operating systems, we have made a shim available that protects against the vulnerability. The shim can be installed via a Microsoft FixIt which can be downloaded from KB983235.
  • MS10-039 is a SharePoint related update, closing out Security Advisory 983438 which addressed an elevation of privilege vulnerability. We are not currently aware of any attacks against this issue.

    • More at: June 2010 Security Bulletin Release - The Microsoft Security Response Center (MSRC) - Site Home

    Video:
  • Windows Media Video (WMV)
  • Windows Media Audio (WMA)
  • iPod Video (MP4)
  • MP3 Audio
  • High Quality WMV (2.5 Mbps)
  • Zune Video (WMV)
    • Send via e-mail | Submit to Digg | Add to Live Favorites
    110842 Views

    Comments

    No Comments

    About Steven Bink

    Founder of Bink.nu
    Powered By IIS 7 Powered by ASP.NET
    Bink.nu 3.0. Copyright © 1999-2012 Steven Bink. All Rights Reserved.
    Microsoft and Microsoft logo's are trademarks of Microsoft Corporation.