Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Microsoft Security Bulletin Updates 06/30/10
Posted by Philipp Esselbach on: 07/01/2010 02:07 PM [ Print | 0 comment(s) ]
Microsoft has updated the following security bulletins:
- MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343) - Version:1.3
- MS10-040 - Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666) - Version:1.1
- MS10-038 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452) - Version:1.2
- MS09-040 - Important: Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032) - Version:1.1
- MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343) - Version:1.3
- MS10-040 - Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666) - Version:1.1
- MS10-038 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452) - Version:1.2
- MS09-040 - Important: Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032) - Version:1.1
MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343) - Version:1.3
Read more
MS10-040 - Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666) - Version:1.1
Read more
MS10-038 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452) - Version:1.2
Read more
MS09-040 - Important: Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032) - Version:1.1
Read more
Severity Rating: Important - Revision Note: V1.3 (June 30, 2010): Corrected the registry key verification for Microsoft .NET Framework 3.5 and Microsoft .NET Framework 2.0 Service Pack 2.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow data tampering of signed XML content without being detected. In custom applications, the security impact depends on how the signed content is used in the specific application. Scenarios in which signed XML messages are transmitted over a secure channel (such as SSL) are not affected by this vulnerability.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow data tampering of signed XML content without being detected. In custom applications, the security impact depends on how the signed content is used in the specific application. Scenarios in which signed XML messages are transmitted over a secure channel (such as SSL) are not affected by this vulnerability.
Read more
MS10-040 - Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 982666 under Known Issues in the Executive Summary to address the issue where specific installations of IIS fail on restart after installing this security update.
Summary: This security update resolves a privately reported vulnerability in Internet Information Services (IIS). The vulnerability could allow remote code execution if a user received a specially crafted HTTP request. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Summary: This security update resolves a privately reported vulnerability in Internet Information Services (IIS). The vulnerability could allow remote code execution if a user received a specially crafted HTTP request. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Read more
MS10-038 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452) - Version:1.2
Severity Rating: Important - Revision Note: V1.2 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 2027452 under Known Issues in the Executive Summary.
Summary: This security update resolves fourteen privately reported vulnerabilities in Microsoft Office. The more severe vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Summary: This security update resolves fourteen privately reported vulnerabilities in Microsoft Office. The more severe vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Read more
MS09-040 - Important: Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032) - Version:1.1
Severity Rating: Important - Revision Note: V1.1 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 971032 under Known Issues in the Executive Summary.
Summary: This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually install the Message Queuing component are likely to be vulnerable to this issue.
Summary: This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually install the Message Queuing component are likely to be vulnerable to this issue.
Read more
Related Threads
07/16/2010 11:12 AM: Microsoft Windows Network - invalid (deleted ) domain (0) by LuRs52
01/04/2011 02:24 AM: How flexible is Microsoft Security Essentials? (1) by MrJeebs
10/06/2009 10:44 AM: Microsoft windows network install (7) by danleff
11/16/2008 11:21 PM: Microsoft Xbox 360 Wireless Receiver for Windows (1) by Steiner
06/30/2008 12:27 AM: Microsoft Sidewinder FF Wheel (0) by DenMac70
07/09/2008 10:58 AM: New bigger hard drive - will Microsoft object? (4) by EASEUS Data Recovery
01/06/2008 01:00 PM: Microsoft.NET (4) by Cormac
07/26/2007 09:40 AM: Microsoft SideWinder Precision Wheel Sensitivity (1) by danleff
05/26/2007 05:28 PM: microsoft sidewinder ff wheel shaking non stop (0) by x-c33d
10/11/2009 04:16 AM: Microsoft Windows Network Lost (2) (2) by wlidster
01/04/2011 02:24 AM: How flexible is Microsoft Security Essentials? (1) by MrJeebs
10/06/2009 10:44 AM: Microsoft windows network install (7) by danleff
11/16/2008 11:21 PM: Microsoft Xbox 360 Wireless Receiver for Windows (1) by Steiner
06/30/2008 12:27 AM: Microsoft Sidewinder FF Wheel (0) by DenMac70
07/09/2008 10:58 AM: New bigger hard drive - will Microsoft object? (4) by EASEUS Data Recovery
01/06/2008 01:00 PM: Microsoft.NET (4) by Cormac
07/26/2007 09:40 AM: Microsoft SideWinder Precision Wheel Sensitivity (1) by danleff
05/26/2007 05:28 PM: microsoft sidewinder ff wheel shaking non stop (0) by x-c33d
10/11/2009 04:16 AM: Microsoft Windows Network Lost (2) (2) by wlidster