KBs and Stuff

Microsoft Security Bulletin Summary for August 2010
Revision Note: V2.1 (September 1, 2010): Added note for MS10-056 to inform customers using Word 2007 that in addition to security update package KB2251419, they also need to install the security update package KB2277947.Summary: This bulletin summary lists security bulletins released for August 2010.

MS10-056 - Critical: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638) - Version:1.3
Severity Rating: Critical - Revision Note: V1.3 (September 1, 2010): Added note to the affected software table to inform customers using Word 2007 that in addition to security update package KB2251419, they also need to install the security update package KB2277947 to be protected from the vulnerabilities described in this bulletin.Summary: This security update resolves four privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens or previews a specially crafted RTF e-mail message. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-049 - Critical: Vulnerabilities in SChannel could allow Remote Code Execution (980436) - Version:1.1
Severity Rating: Critical - Revision Note: V1.1 (September 1, 2010): Corrected the bulletin replacement information for this update. This is an informational change only. There were no changes to the detection logic or the update files.Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted Web site that is designed to exploit these vulnerabilities through an Internet Web browser. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker's Web site.

Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution
Revision Note: V1.1 (August 31, 2010) Added a link to Microsoft Knowledge Base Article 2264107 to provide an automated Microsoft Fix it solution for the workaround, Disable loading of libraries from WebDAV and remote network shares.Summary: Microsoft is aware that research has been published detailing a remote attack vector for a class of vulnerabilities that affects how applications load external libraries.

MS10-054 - Critical: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) - Version:1.2
Severity Rating: Critical - Revision Note: V1.2 (August 25, 2010): Removed erroneous reference to a Microsoft Fix it solution from the workarounds for SMB Stack Exhaustion Vulnerability - CVE-2010-2552.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities.

MS10-046 - Critical: Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) - Version:1.2
Severity Rating: Critical - Revision Note: V1.2 (August 24, 2010): Added an update FAQ to announce a detection change. This is a detection change only. There were no changes to the security update files in this bulletin. Customers who have already installed the update successfully do not need to reinstall.Summary: This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-058 - Important: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (August 18, 2010): Added workaround for IPv6 Memory Corruption Vulnerability - CVE-2010-1892.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege due to an error in the processing of a specific input buffer. An attacker who is able to log on to the target system could exploit this vulnerability and run arbitrary code with system-level privileges. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS10-055 - Critical: Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665) - Version:1.1
Severity Rating: Critical - Revision Note: V1.1 (August 12, 2010): Added Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 to the Non-Affected Software table.Summary: This security update resolves a privately reported vulnerability in Cinepak Codec. The vulnerability could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Security Bulletin Summary for March 2010
Revision Note: V3.1 (August 11, 2010): Removed Windows Movie Maker 2.6 as an affected component on Windows 7 for MS10-016.Summary: This bulletin summary lists security bulletins released for March 2010.

MS10-060 - Critical: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906) - Version:1.1
Severity Rating: Critical - Revision Note: V1.1 (August 11, 2010): Added a link to Microsoft Knowledge Base Article 2265906 under Known Issues in the Executive Summary. Also corrected the entries for Microsoft Silverlight in the Non-Affected Software table and the workarounds for Microsoft Silverlight Memory Corruption Vulnerability - CVE-2010-0019.Summary: This security update resolves two privately reported vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications, or if an attacker succeeds in convincing a user to run a specially crafted Microsoft .NET application. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and executing the page, as could be the case in a Web hosting scenario.

MS10-057 - Important: Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (August 11, 2010): Added a link to Microsoft Knowledge Base Article 2269707 under Known Issues in the Executive Summary.Summary: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-050 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (981997) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (August 11, 2010): Added a link to Microsoft Knowledge Base Article 981997 under Known Issues in the Executive Summary.Summary: This security update resolves a privately reported vulnerability in Windows Movie Maker. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-016 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561) - Version:2.3
Severity Rating: Important - Revision Note: V2.3 (August 11, 2010): Removed Windows Movie Maker 2.6 as an affected component on Windows 7.Summary: This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-059 - Important: Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799) - Version:1.0
Severity Rating: Important - Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in the Tracing Feature for Services. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

MS10-053 - Critical: Cumulative Security Update for Internet Explorer (2183461) - Version:1.0
Severity Rating: Critical - Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves six privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-052 - Critical: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (2115168) - Version:1.0
Severity Rating: Critical - Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-051 - Critical: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403) - Version:1.0
Severity Rating: Critical - Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft XML Core Services. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. An attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.

MS10-048 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329) - Version:1.0
Severity Rating: Important - Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves one publicly disclosed and four privately reported vulnerabilities in the Windows kernel-mode drivers. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

MS10-047 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (981852) - Version:1.0
Severity Rating: Important - Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users.

Microsoft Security Advisory (977377): Vulnerability in TLS/SSL Could Allow Spoofing
Revision Note: V2.0 (August 10, 2010): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-049 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-049. The vulnerability addressed is the TLS/SSL Renegotiation Vulnerability - CVE-2009-3555. For additional information on this advisory, see Microsoft Knowledge Base Article 977377.

Microsoft Security Advisory (2264072): Elevation of Privilege Using Windows Service Isolation Bypass
Revision Note: V1.0 (August 10, 2010): Advisory published.Summary: Microsoft is aware of the potential for attacks that leverage the Windows Service Isolation feature to gain elevation of privilege. This advisory discusses potential attack scenarios and provides suggested actions that can help to protect against this issue. This advisory also offers a non-security update for one of the potential attack scenarios through Windows Telephony Application Programming Interfaces (TAPI).

Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution
Revision Note: V2.0 (August 2, 2010): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a public report of this vulnerability.

MS09-014 - Critical: Cumulative Security Update for Internet Explorer (963027) - Version:1.4
Severity Rating: Critical - Revision Note: V1.4 (July 21, 2010): Corrected the value of the dword associated with enabling the defense-in-depth protection in the section, Frequently Asked Questions (FAQ) Related to This Security Update. Users who previously enabled the defense-in-depth protection against the blended threat issue should verify their environment is using the correct dword value.Summary: This security update resolves four privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer or if a user connects to an attacker's server by way of the HTTP protocol. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Security Bulletin Summary for July 2010
Revision Note: V1.1 (July 14, 2010): Removed erroneous reference to Windows Embedded Standard 7 for MS10-043.Summary: This bulletin summary lists security bulletins released for July 2010.

MS10-045 - Important: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (July 14, 2010): Added a link to Microsoft Knowledge Base Article 978212 under Known Issues in the Executive Summary.Summary: This security update resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opened an attachment in a specially crafted e-mail message using an affected version of Microsoft Office Outlook. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-044 - Critical: Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335) - Version:1.1
Severity Rating: Critical - Revision Note: V1.1 (July 14, 2010): Added a link to Microsoft Knowledge Base Article 982335 under Known Issues in the Executive Summary.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Office Access ActiveX Controls. The vulnerabilities could allow remote code execution if a user opened a specially crafted Office file or viewed a Web page that instantiated Access ActiveX controls. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-043 - Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276) - Version:1.1
Severity Rating: Critical - Revision Note: V1.1 (July 14, 2010): Added an entry to the update FAQ to provide guidance for Windows 7 Service Pack 1 Beta and Windows Server 2008 R2 Service Pack 1 Beta releases. Also removed erroneous references to Windows Embedded Standard 7.Summary: This security update resolves a publicly disclosed vulnerability in the Canonical Display Driver (cdd.dll). Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomization. In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.

Microsoft Security Bulletin Summary for April 2010
Revision Note: V4.0 (July 13, 2010): Revised to offer the rereleased security update for Windows Server 2008 and Windows Server 2008 R2 for MS10-024.Summary: This bulletin summary lists security bulletins released for April 2010.

MS10-042 - Critical: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593) - Version:1.0
Severity Rating: Critical - Revision Note: V1.0 (July 13, 2010): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message.

MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343) - Version:1.4
Severity Rating: Important - Revision Note: V1.4 (July 13, 2010): Revised this bulletin to announce an installation logic change to the updates for Microsoft .NET Framework 1.1 Service Pack 1 (KB979906) and Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1 (KB979909). This is an installation logic change only that does not affect the update files contained in the initial update. Customers who have successfully updated their systems do not need to reinstall this update.Summary: This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow data tampering of signed XML content without being detected. In custom applications, the security impact depends on how the signed content is used in the specific application. Scenarios in which signed XML messages are transmitted over a secure channel (such as SSL) are not affected by this vulnerability.

MS10-024 - Important: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) - Version:2.0
Severity Rating: Important - Revision Note: V2.0 (July 13, 2010): Rereleased bulletin to reoffer the updates for Windows Server 2008 and Windows Server 2008 R2 to address the known issue listed in KB 976323.Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Exchange and Windows SMTP Service. The more severe of these vulnerabilities could allow denial of service if an attacker sent a specially crafted DNS response to a computer running the SMTP service. By default, the SMTP component is not installed on Windows Server 2003, Windows Server 2003 x64 Edition, or Windows XP Professional x64 Edition.

MS10-021 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (July 13, 2010): Added an entry in the Update FAQ to announce a detection change to the update for Windows 7 for 32-bit Systems. This is a detection change only. There were no changes to the security update files in this bulletin. Customers who have already installed the update successfully do not need to reinstall.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users.

Microsoft Security Advisory (2219475): Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution
Revision Note: V2.0 (July 13, 2010): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-042 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-042. The vulnerability addressed is the Help Center URL Validation Vulnerability - CVE-2010-1885.

Microsoft Security Advisory (2028859): Vulnerability in Canonical Display Driver Could Allow Remote Code Execution
Revision Note: V2.0 (July 13, 2010): Advisory updated to reflect publication of security bulletin.Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-043 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-043. The vulnerability addressed is the Canonical Display Driver Integer Overflow Vulnerability - CVE-2009-3678.

MS10-040 - Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 982666 under Known Issues in the Executive Summary to address the issue where specific installations of IIS fail on restart after installing this security update.Summary: This security update resolves a privately reported vulnerability in Internet Information Services (IIS). The vulnerability could allow remote code execution if a user received a specially crafted HTTP request. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

MS10-038 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452) - Version:1.2
Severity Rating: Important - Revision Note: V1.2 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 2027452 under Known Issues in the Executive Summary.Summary: This security update resolves fourteen privately reported vulnerabilities in Microsoft Office. The more severe vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS09-040 - Important: Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 971032 under Known Issues in the Executive Summary.Summary: This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually install the Message Queuing component are likely to be vulnerable to this issue.

MS10-033 - Critical: Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902) - Version:1.3
Severity Rating: Critical - Revision Note: V1.3 (June 23, 2010): Corrected the verification registry keys for Quartz.dll (DirectShow), Asycfilt.dll (COM component), and Windows Media Format Runtime 9.5 on Windows XP Professional x64 Edition Service Pack 2.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. These vulnerabilities could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-026 - Critical: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816) - Version:1.1
Severity Rating: Critical - Revision Note: V1.1 (June 22, 2010): Revised this bulletin to announce a detection logic change to fix a reoffer issue with MPEG Layer-3 codecs on Microsoft Windows 2000 Service Pack 4. This is a detection change only that does not affect the files contained in the initial update. Customers who have successfully updated their systems do not need to reinstall this update.Summary: This security update resolves a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file containing an MPEG Layer-3 audio stream. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Security Bulletin Summary for October 2009
Revision Note: V4.2 (June 22, 2010): Removed .NET Framework 1.1 Service Pack 1 as an affected component on Windows 7 and Windows Server 2008 R2 for MS09-061.Summary: This bulletin summary lists security bulletins released for October 2009.

MS09-061 - Critical: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378) - Version:1.4
Severity Rating: Critical - Revision Note: V1.4 (June 22, 2010): Removed .NET Framework 1.1 Service Pack 1 as an affected component on Windows 7 and Windows Server 2008 R2.Summary: This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications, or if an attacker succeeds in persuading a user to run a specially crafted Microsoft .NET application. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and executing it, as could be the case in a Web hosting scenario. Microsoft .NET applications, Silverlight applications, XBAPs and ASP.NET pages that are not malicious are not at risk of being compromised because of this vulnerability.

MS10-036 - Important: Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (June 16, 2010): Corrected the update file name for Microsoft Office Word 2007 in the Security Update Deployment section. Also added an entry to the update FAQ to explain why the update may be offered even when none of the affected software is present on the system.Summary: This security update resolves a privately reported vulnerability in COM validation in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel, Word, Visio, Publisher, or PowerPoint file with an affected version of Microsoft Office. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.

MS10-035 - Critical: Cumulative Security Update for Internet Explorer (982381) - Version:1.1
Severity Rating: Critical - Revision Note: V1.1 (June 16, 2010): Corrected the Disable the IEDTExplorer Component workaround for CVE-2010-1261. Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Security Bulletin Summary for June 2010
Revision Note: V1.1 (June 9, 2010): Revised the notes for MS10-033 in the section, Affected Software and Download Locations.Summary: This bulletin summary lists security bulletins released for June 2010.

MS10-011 - Important: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037) - Version:1.2
Severity Rating: Important - Revision Note: V1.2 (June 9, 2010): Added a link to Microsoft Knowledge Base Article 978037 under Known Issues in the Executive Summary.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows Client/Server Run-time Subsystem (CSRSS). The vulnerability could allow elevation of privilege if an attacker logs on to the system and starts a specially crafted application designed to continue running after the attacker logs out. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.

Microsoft Security Advisory (980088): Vulnerability in Internet Explorer Could Allow Information Disclosure
Revision Note: V1.2 (June 9, 2010): Added information about MS10-035 and clarified a FAQ entry about the caching vector.Summary: Microsoft is investigating new public reports of a vulnerability in Internet Explorer. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

MS10-039 - Important: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554) - Version:1.0
Severity Rating: Important - Revision Note: V1.0 (June 8, 2010): Bulletin published.Summary: This security update resolves one publicly disclosed and two privately reported vulnerabilities in Microsoft SharePoint. The most severe vulnerability could allow elevation of privilege if an attacker convinced a user of a targeted SharePoint site to click on a specially crafted link.

MS10-037 - Important: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218) - Version:1.0
Severity Rating: Important - Revision Note: V1.0 (June 8, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in the Windows OpenType Compact Font Format (CFF) driver. The vulnerability could allow elevation of privilege if a user views content rendered in a specially crafted CFF font. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

MS10-034 - Critical: Cumulative Security Update of ActiveX Kill Bits (980195) - Version:1.0
Severity Rating: Critical - Revision Note: V1.0 (June 8, 2010): Bulletin published.Summary: This security update addresses two privately reported vulnerabilities for Microsoft software. This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Vista, and Windows 7, and Moderate for all supported editions of Windows Server 2003, Windows Server2008, and Windows Server 2008 R2. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page that instantiates a specific ActiveX control with Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes kill bits for four third-party ActiveX controls.

MS10-032 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559) - Version:1.0
Severity Rating: Important - Revision Note: V1.0 (June 8, 2010): Bulletin published.Summary: This security update resolves two publicly disclosed vulnerabilities and one privately reported vulnerability in the Windows kernel-mode drivers. The vulnerabilities could allow elevation of privilege if a user views content rendered in a specially crafted TrueType font.