Every month I’d like to publish a post in which describes the security bulletins, to some degree, that Microsoft has released for that specific month. It’s funny, though, that this month, the first month I start, Microsoft issues several security bulletins…11 to be exact. If you want to read more about them, feel free to check out the official site for the security bulletins. Click on the Executive Summary to see a brief overview of each bulletin.
First, you may notice that if you’re using Windows 7 as your operating system, only 2 out of the 11 security bulletins are actually critical while one other is considered to be moderate. This just shows that keeping an up-to-date system, you should be able to avoid certain security vulnerabilities, in this case eight vulnerabilities. (By the way, if you’re still on ole trusty XP, you’ll have to deal with 10 out of 11 updates, in which four are critical, three are important and one is moderate.)
Here’s a quick overview of the exploits:
Bulletin | Title | Severity Rating |
MS10-019 | Vulnerabilities in Windows Could Allow Remote Code Execution (98210) | Critical Remote Code Execution |
MS10-020 | Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232) | Critical Remote Code Execution |
MS10-025 | Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) | Critical Remote Code Execution |
MS10-026 | Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816) | Critical Remote Code Execution |
MS10-027 | Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402) | Critical Remote Code Execution |
MS10-021 | Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) | Important Elevation of Privilege |
MS10-022 | Vulnerability in VBScript Could Allow Remote Code Execution (981169) | Important Remote Code Execution |
MS10-023 | Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160) | Important Remote Code Execution |
MS10-024 | Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) | Important Denial of Service |
MS10-028 | Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094) | Important Remote Code Execution |
MS10-029 | Vulnerabilities in Windows ISATAP Component Could Allow Spoofing (978338) | Moderate Spoofing |
As always, you should make sure to have automatic updates enabled for Windows. Once again, I’d like to point out that although this month looks bad, if you have a recent version of Windows, such as Windows 7, you will not be as affected as an older version, such as Windows XP. Hence, one of the reasons to upgrade to Windows 7.
If anyone has any comments or suggestions feel free to send them to me at tinkeringwithwindows at live dot com.
0 comments:
Post a Comment