Technical Cyber Security Alert 2010-68A - Microsoft has released updates to address vulnerabilities in Microsoft Windows and Microsoft Office.
52a06df4c61def449f7f9c9f8bcad8b7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-068A
Microsoft Updates for Multiple Vulnerabilities
Original release date:
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Office
Overview
Microsoft has released updates to address vulnerabilities in
Microsoft Windows and Microsoft Office.
I. Description
Microsoft has released security bulletins for multiple
vulnerabilities in Microsoft Movie Maker, Microsoft Office Producer
2003, and Microsoft Office Excel. These bulletins are described in
the Microsoft Security Bulletin Summary for March 2010. Microsoft
notes that affected versions of Microsoft Movie Maker were either
included with Microsoft Windows or available as an optional
download.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code or
cause a vulnerable application to crash.
III. Solution
Apply updates from Microsoft
Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for March 2010. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).
Microsoft notes that there is no security update available for
Microsoft Producer 2003 at this time of this writing. Users can
mitigate the impact to systems with Microsoft Producer 2003 by
applying the automated solution to remove the Microsoft Producer
file associations using the Fix it found in Microsoft Knowledge
Base Article 975561, and by applying the workarounds in Microsoft
Security Bulletin MS10-016.
IV. References
* Microsoft Security Bulletin Summary for March 2010 -
<http://www.microsoft.com/technet/security/bulletin/MS10-mar.mspx>
* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>
* Microsoft Knowledge Base Article 975561 -
<http://support.microsoft.com/kb/975561>
* Microsoft Security Bulletin MS10-016 -
<http://www.microsoft.com/technet/security/bulletin/ms10-016.mspx>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-068A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA10-068A Feedback VU#586853" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
March 09, 2010: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS5bAnT6pPKYJORa3AQJgXwgAvE0mmWRlV/XF5k/H6yf5ZHocmH80a3+P
CpGT1DWFDbBLEO2I6jq9bJM8yNCmeTzG0v3XkwGe6fQ29KuILMTRqwDPgdB5gDHh
MPfnxX/PJN8LBR8Qog8T6ilOTXEgYHj/6RN4j5iOmZjpbgkUKmGfDxevht2DDOjK
e7y0tseZuKee4Vb1pZgpFHyjspMQ1ksVQbyvklAQkPL9DSnq+uk6lFBxQnnJ36pR
I4Lku7Qf3kjSc3yJWFXkXhAcMx6RbPasogtnU9MBDlOC69X3W3m4RxaXB87RwFV8
XDqtuyrINJ6RJHEg0V/gZCT0+mgfUpkqPWS9uaaPSp24LwDGj5yqQw==
=+osT
-----END PGP SIGNATURE-----
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!