Microsoft Black Tuesday Summary July 2010

I decided that it would be a good idea to publish summaries of MS’s patch updates on here each month, let me know your thoughts. I know that you can get these from MS directly, but I just figured that if you read SecuriTeam anyway, then here’s some more useful information for you.

My personal opinion on this one is that if there’s one patch you really should apply ASAP, then it should be MS10-042.
So without further ado.

MS10-042 (Critical – Remote Code Execution)

Vulnerability in Help and SupportCenter Could Allow Remote Code Execution (2229593)

This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message.

MS10-043 (Critical – Remote Code Execution)

Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)

This security update resolves a publicly disclosed vulnerability in the Canonical Display Driver (cdd.dll). Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomization. In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.
MS10-044 (Critical – Remote Code Execution)

Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)

This security update resolves two privately reported vulnerabilities in Microsoft Office Access ActiveX Controls. The vulnerabilities could allow remote code execution if a user opened a specially crafted Office file or viewed a Web page that instantiated Access ActiveX controls. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS10-045 (Important – Remote Code Execution)

Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)

This security update resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opened an attachment in a specially crafted e-mail message using an affected version of Microsoft Office Outlook. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Have fun patching all, and please remember to test these patches in a non-production environment before applying directly to production environments guys and girls.

Share