Skip to main content
MSRC

Risk Asessment

MS10-045: Microsoft Office Outlook Remote Code Execution vulnerability

Tuesday, July 13, 2010

Today we released the fix for CVE-2010-0266, an Important severity vulnerability in Microsoft Office Outlook. Yorick Koster working with the SSD/SecuriTeam Secure Disclosure program reported this issue. What’s the risk? This vulnerability enables an attacker to spoof a dangerous e-mail attachment to appear legitimate / benign. If a victim user were to open the attachment, code from a remote UNC path could execute without prior warning.

Read More

Help and Support Center vulnerability full-disclosure posting

Thursday, June 10, 2010

Yesterday evening, one of Google’s security researchers publicly released vulnerability details and a working exploit for an unpatched vulnerability in Windows XP and Windows Server 2003. This afternoon, we’ve released security advisory 2219475 with official guidance. We’d like to use this blog entry to share more details about the issue and ways you can protect yourself.

Read More

Assessing the risk of the June Security Bulletins

Tuesday, June 08, 2010

Today we released ten security bulletins. Three have a maximum severity rating of Critical and seven have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Index Rating Likely first 30 days impact Platform mitigations and key notes MS10-035(IE) Victim browses to a malicious webpage.

Read More

MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

Tuesday, June 08, 2010

Today we released a security update rated Important for CVE-2010-1255 in MS10-032. This vulnerability affects the win32k.sys driver. This blog post provides more information about this vulnerability that can help with prioritizing the deployment of updates this month. What’s the risk? A local attacker could write a custom user-mode attack application that passes a bad buffer to win32k.

Read More

MS10-030: Malicious Mail server vulnerability

Tuesday, May 11, 2010

Today we released the fix for CVE-2010-0816 in MS10-030. This vulnerability affects Outlook Express, Windows Mail, and Windows Live Mail. We recommend that you install the update as soon as possible, but realize that some customers may need to prioritize which updates they install first. While the vulnerability is rated critical, many customers may not be affected by it.

Read More

Assessing the risk of the April Security Bulletins

Monday, April 12, 2010

Today we released eleven security bulletins with security updates addressing 25 CVE’s. Five of the bulletins have at least one CVE rated Critical. We hope that the table below helps you prioritize this month’s deployment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Index Likely first 30 days impact Platform mitigations and key notes MS10-027 (WMP) Victim browses to a malicious webpage.

Read More

MS10-020: SMB Client Update

Monday, April 12, 2010

Today Microsoft released MS10-020, which addresses several vulnerabilities in the Windows SMB client. This blog post provides additional details to help prioritize installation of the update, and understand the attack vectors and mitigations that apply. Client-side vulnerabilities The first thing to realize is that this update addresses vulnerabilities in the SMB ** client ** in Windows.

Read More

Registry vulnerabilities addressed by MS10-021

Monday, April 12, 2010

MS10-021 addresses eight different Windows vulnerabilities. Five of them, CVE-2010-0234 through CVE-2010-0238, stem from an obscure bit of Windows registry functionality called “registry links”. A quick search in MSDN reveals this description: “REG_LINK: Specifies a Unicode symbolic link. Used internally. Applications do not use this type”. Clear as mud, right? Registry links are similar to symbolic links in NTFS (http://msdn.

Read More