PC World reports that Microsoft investigating a new vulnerability in the Windows kernel driver
Microsoft has updated security bulletin MS10-046 - Critical: Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) to version 1.1
Microsoft published the out-of-band Microsoft Security Bulletin Summary for August 2010
Microsoft has released the following out-of-band security updates:
- Security Update for Windows 7 Service Pack 1 Beta (KB2286198)
- Security Update for Windows 7 Service Pack 1 Beta for x64-based Systems (KB2286198)
- Security Update for Windows Server 2008 x64 Edition (KB2286198)
- Security Update for Windows Vista (KB2286198)
- Security Update for Windows Server 2008 R2 Service Pack 1 Beta for Itanium-based Systems (KB2286198)
- Security Update for Windows XP (KB2286198)
- Security Update for Windows Server 2003 for Itanium-based Systems (KB2286198)
- Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2286198)
- Security Update for Windows Server 2008 (KB2286198)
- Security Update for Windows Server 2008 R2 Service Pack 1 Beta x64 Edition (KB2286198)
- Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2286198)
- Security Update for Windows Vista for x64-based Systems (KB2286198)
- Security Update for Windows XP x64 Edition (KB2286198)
- Security Update for Windows Server 2003 x64 Edition (KB2286198)
- Security Update for Windows Server 2008 R2 x64 Edition (KB2286198)
- Security Update for Windows Server 2008 for Itanium-based Systems (KB2286198)
- Security Update for Windows Server 2003 (KB2286198)
- Security Update for Windows Embedded Standard 7 (KB2286198)
- Security Update for Windows 7 for x64-based Systems (KB2286198)
- Security Update for Windows 7 (KB2286198)
- Security Update for Windows XP Embedded (KB2286198)
- Security Update for Windows 7 Service Pack 1 Beta (KB2286198)
- Security Update for Windows 7 Service Pack 1 Beta for x64-based Systems (KB2286198)
- Security Update for Windows Server 2008 x64 Edition (KB2286198)
- Security Update for Windows Vista (KB2286198)
- Security Update for Windows Server 2008 R2 Service Pack 1 Beta for Itanium-based Systems (KB2286198)
- Security Update for Windows XP (KB2286198)
- Security Update for Windows Server 2003 for Itanium-based Systems (KB2286198)
- Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2286198)
- Security Update for Windows Server 2008 (KB2286198)
- Security Update for Windows Server 2008 R2 Service Pack 1 Beta x64 Edition (KB2286198)
- Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2286198)
- Security Update for Windows Vista for x64-based Systems (KB2286198)
- Security Update for Windows XP x64 Edition (KB2286198)
- Security Update for Windows Server 2003 x64 Edition (KB2286198)
- Security Update for Windows Server 2008 R2 x64 Edition (KB2286198)
- Security Update for Windows Server 2008 for Itanium-based Systems (KB2286198)
- Security Update for Windows Server 2003 (KB2286198)
- Security Update for Windows Embedded Standard 7 (KB2286198)
- Security Update for Windows 7 for x64-based Systems (KB2286198)
- Security Update for Windows 7 (KB2286198)
- Security Update for Windows XP Embedded (KB2286198)
PC World posted a news story that according to a report published by Microsoft Vulnerability Research, third-party developers patched just 45% of the vulnerabilities that Microsoft's security team reported to them during the 12 months from July 2009 to June 2010.
Microsoft has published a Security Bulletin Advance Notification for August 2010
A new version of Remove Fake Antivirus, a tool to remove fake antivirus programs has been released
PC World reports that a newly-discovered WPA2 hole allows man-in-the-middle-style exploits
PC World posted a news story that security vendor Eset has spotted two new attacks exploiting an unpatched Windows flaw and expects many more to come.
Microsoft published the following security bulletin updates:
- MS09-014 - Critical: Cumulative Security Update for Internet Explorer (963027) - Version:1.4
- Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution
- MS09-014 - Critical: Cumulative Security Update for Internet Explorer (963027) - Version:1.4
- Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution
PC World reports that Dell is warning customers that a small number of its PowerEdge R410 server motherboards may contain malicious software
Panda Cloud Antivirus 1.1.2 has been released
PC World reports that Microsoft is warning that attackers are exploiting a critical unpatched Windows vulnerability using infected USB flash drives
Technet has published the following security bulletin updates:
- MS10-045 - Important: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212) - Version:1.1
- MS10-044 - Critical: Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335) - Version:1.1
- MS10-043 - Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276) - Version:1.1
- MS10-045 - Important: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212) - Version:1.1
- MS10-044 - Critical: Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335) - Version:1.1
- MS10-043 - Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276) - Version:1.1
A new version of Protector Plus, a Windows Vulnerability Scanner, is available
Microsoft just updated the following 3 security bulletins:
- MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343) - Version:1.4
- MS10-024 - Important: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) - Version:2.0
- MS10-021 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) - Version:1.1
- MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343) - Version:1.4
- MS10-024 - Important: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) - Version:2.0
- MS10-021 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) - Version:1.1
Microsoft officially announced the Microsoft Security Bulletin Summary for July 2010
Microsoft published the Microsoft Security Bulletin Advance Notification for July 2010, this time addressing 2 critical vulnerabilities in Windows, 1 critical vulnerability in Office, and 1 important problem in Office
CNET News posted a news story that Microsoft is looking into reports of a vulnerability that could allow malicious code to be run on machines running Windows XP or Windows 2000
PC World reports that Adobe plugs only part of the hole disclosed in March
