Microsoft has updated the following two security bulletins:
- MS10-077 - Critical: Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841) - Version:3.0
- MS10-070 - Important: Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) - Version:4.0
PCWorld posted a news story that Microsoft is downplaying the threat posed to Windows users by a recently-revealed vulnerability, saying an exploit is unlikely.
PC World reports that a security researcher yesterday disclosed a new unpatched bug in Windows that some experts believe could be used to remotely hijack a PC.
Microsoft has updated the following security bulletin:
- MS11-006 - Critical: Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185) - Version:1.1
Microsoft has released an ISO image with all security updates for Windows released on Windows Update on February 8th, 2011.
Microsoft has released the following 26 security updates:
- Security Update for Windows Server 2003 (KB2483185)
- Security Update for Windows Server 2003 for Itanium-based Systems (KB2483185)
- Security Update for IIS FTP 7.5 for Windows Server 2008 x64 Edition (KB2489256)
- Security Update for Windows Server 2003 (KB2478971)
- Security Update for Windows XP x64 Edition (KB2478971)
- Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2485376)
- Security Update for Windows Server 2003 for Itanium-based Systems (KB2478960)
- Security Update for Windows Server 2003 x64 Edition (KB2483185)
- Security Update for Windows XP x64 Edition (KB2479628)
- Security Update for Windows Embedded Standard 7 (KB2479628)
- Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2479628)
- Security Update for Windows XP x64 Edition (KB2478960)
- Security Update for IIS FTP 7.0 for Windows Vista for x64-based Systems (KB2489256)
- Security Update for Windows Server 2003 x64 Edition (KB2478953)
- Security Update for IIS FTP 7.5 for Windows Vista for x64-based Systems (KB2489256)
- Security Update for Windows Server 2003 for Itanium-based Systems (KB2479628)
- Security Update for Windows Server 2003 (KB2478953)
- Security Update for Windows Vista (KB2483185)
- Security Update for Windows XP x64 Edition (KB2476687)
- Security Update for Windows Server 2008 R2 Service Pack 1 Release Candidate for Itanium-based Systems (KB2485376)
- Security Update for IIS FTP 7.0 for Windows Server 2008 x64 Edition (KB2489256)
- Security Update for Windows Server 2003 for Itanium-based Systems (KB2476687)
- Security Update for Windows Server 2008 for Itanium-based Systems (KB2479628)
- Security Update for Windows Server 2003 for Itanium-based Systems (KB2478971)
- Security Update for Windows Server 2008 (KB2483185)
- Security Update for Windows 7 for x64-based Systems (KB2489256)
Microsoft has released version 3.16 of their Malicious Software Removal Tool
Microsoft published the Microsoft Security Bulletin Advance Notification for February 2011
GHacks.net posted a news story that Microsoft has published a workaround for the 0-day Windows vulnerability that has been has confirmed yesterday
PC World posted a news story of a new zero-day Windows XSS vulnerability
Threatpost reports that a critical bug has been found in Opera
Microsoft has updated the following security bulletin:
- MS10-001 - Critical: Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270) - Version:1.1
Microsoft updated the following security bulletin:
- MS10-102 - Important: Vulnerability in Hyper-V Could Allow Denial of Service (2345316) - Version:1.1
Microsoft has released a DVD5 ISO image file with security updates for Windows released on Windows Update on January 11th, 2011.
Microsoft has released the following 29 updates:
- Update for Windows Server 2008 R2 for Itanium-based Systems (KB976902)
- Security Update for Windows Embedded Standard 7 (KB2419640)
- Update for Windows Embedded Standard 7 for x64-based Systems (KB976902)
- Security Update for Windows Server 2008 R2 x64 Edition (KB2419640)
- Security Update for Windows 7 (KB2419640)
- Update for Windows Server 2008 (KB2446496)
- Security Update for Windows XP (KB2419632)
- Security Update for Windows Server 2008 R2 Service Pack 1 Release Candidate for Itanium-based Systems (KB2419640)
- Update for Windows Server 2008 x64 Edition (KB2446496)
- Security Update for Windows Vista (KB2478935)
- Update for Windows Server 2008 for Itanium-based Systems (KB2446496)
- Security Update for Windows Server 2003 for Itanium-based Systems (KB2419635)
- Security Update for Windows Vista (KB2419640)
- Security Update for Windows Server 2003 x64 Edition (KB2419635)
- Security Update for Windows 7 Service Pack 1 Release Candidate (KB2419640)
- Security Update for Windows Server 2008 (KB2419640)
- Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2419640)
- Security Update for Windows 7 for x64-based Systems (KB2419640)
- Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2419640)
- Security Update for Windows XP x64 Edition (KB2419635)
- Update for Windows Embedded Standard 7 (KB976902)
- Security Update for Windows Vista for x64-based Systems (KB2478935)
- Security Update for Windows Vista for x64-based Systems (KB2419640)
- Security Update for Windows Server 2008 x64 Edition (KB2419640)
- Security Update for Windows Server 2008 R2 Service Pack 1 Release Candidate x64 Edition (KB2419640)
- Security Update for Windows Server 2008 for Itanium-based Systems (KB2419640)
- Update for Windows Server 2008 R2 x64 Edition (KB976902)
- Security Update for Windows Server 2003 (KB2419635)
- Security Update for Windows 7 Service Pack 1 Release Candidate for x64-based Systems (KB2419640)
Threatpost posted a news story that a security researcher found a way to bypassing one of the sandboxes that Adobe has implemented
Microsoft has released/updated the following 3 security advisories:
- MS10-090 - Critical: Cumulative Security Update for Internet Explorer (2416400) - Version:1.1
- Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
- Microsoft Security Advisory (2488013): Vulnerability in Internet Explorer Could Allow Remote Code Execution
Threatpost reports that Microsoft warns of a security hole in Windows Graphics Engine
PC World posted a news story that Malware authors use Microsoft's schedule to con users
PC World reports that an accidental leak may have confirmed Chinese hackers' suspicions that Internet Explorer has a critical unpatched vulnerability, a security researcher said.
