Security 10748 Published by

Microsoft has updated the following security bulletins:

Unchecked Buffer in DirectX Could Enable System Compromise
Subsequent to the original release of this bulletin, customers requested that we support additional versions of DirectX that were not covered by the original patches. This bulletin has been updated to provide information about this new patch.

Read more

Unchecked Buffer in MDAC Function Could Enable System (Q326573)
Subsequent to the release of this bulletin, it was determined that the vulnerability addressed is not with the OpenRowSet command (which is a Microsoft SQL Server command) but rather that the vulnerability is with the underlying MDAC component Open Database Connectivity (ODBC), which is present in all versions of Windows. Additionally, the original patch released with this did not install correctly on some systems because of a flaw in the way that Microsoft Windows Installer updated the System File Protection cache. The bulletin has been updated to include this additional information and to direct users to an updated patch.

Read more