Microsoft Patches – June 2010

Here is a summary of the June, 2010 Microsoft Security Patches.  The full details from Microsoft can be found here.

As always, do your own research to determine if these patches are necessary for your systems.

Bulletin
Description Reference
KB
Microsoft Rating
MS10-033 Vulnerabilities in Media Decompression Could Allow Remote Code Execution 979902 Servers:
Critical
Remote Code Execution Desktops:
Critical
MS10-034 Cumulative Security Update of ActiveX Kill Bits 980195 Servers:
Moderate
Remote Code Execution Desktops:
Critica
l
MS10-035 Cumulative Security Update for Internet Explorer 982381 Servers:
Moderate
Remote Code Execution Desktops:
Critical
MS10-032 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege 979559 Servers:
Important
Elevation of Privilege Desktops:
Important
MS10-036 Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution 983235 Server/Desktop
Microsoft Office:
Important
Remote Code Execution
MS10-037 Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege 980218 Servers:
Important
Elevation of Privilege Desktops:
Important
MS10-038 Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution 2027452 Server/Desktop
Microsoft Office:
Important
Remote Code Execution
MS10-039 Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege 2028554 Server / Desktop:
Microsoft Office:
Important
Elevation of Privilege
MS10-040 Vulnerability in Internet Information Services Could Allow Remote Code Execution 982666 Servers:
Important
Remote Code Execution Desktops:
Important
MS10-041 Vulnerability in Microsoft .NET Framework Could Allow Tampering 981343 Servers:
Important
Tampering Desktops:
Important

Find an error in my analysis? Let me know!

Posted in Uncategorized | Tagged , , , | Leave a comment

Microsoft Patches – May 2010

It’s time to patch those servers and workstations again.  Only two patches from Microsoft this month.  Should make for an easy night.

Patch # Affected Reference
KB
Microsoft Rating
MS10-030 Vulnerabilities in Outlook Express and Windows Mail
Outlook Express and Windows Mail Integer Overflow KB978542 Servers:
Important
Clients:
Critical
MS10-031 Vulnerabilities in Microsoft Visual Basic for Applications
VBE6.DLL Stack Memory Corruption KB978213 OS:
Important
Office 2007:
Important
Developer Tools:
Critical

Don’t take my word for it, check the MS Site yourself and determine if you need these patches.   Any good System Administrator will check the patches at the source themselves.

Posted in System Administration, Windows | Tagged , , , | Leave a comment

Microsoft Patches – April 2010

It’s time to patch those servers and workstations again.  I figured I’d take a preview of how big the workload was going to be.  Lots of critical patches released this month.  I’m sure I don’t need to get on a soapbox about patching your home computers as well…

Patch # Affected Reference KB Microsoft Rating
MS10-019 Vulnerabilities in Windows Authenticode Verification
Authenticode KB 981210 Severity: Critical
MS10-020 Vulnerabilities in SMB Client (Replaces MS10-006 )
SMB Client KB 980232 Severity: Critical
MS10-021 Privilege Elevation Vulnerabilities in Windows Kernel (Replaces MS10-015 )
Windows Kernel KB 979683 Severity: Important
MS10-022 Vulnerability in VBScript Engine
VBScript KB 981169 Severity: Critical
MS10-023 Vulnerability in Microsoft Office Publisher (Replaces MS08-027 MS09-030 )
Publisher KB 981160 Severity: Important
MS10-024 DoS Vulnerability in Microsoft Exchange and SMTP Service
Exchange, SMTP Service KB 981832 Severity: Important
MS10-025 Vulnerability in Micorsoft Windows Media Services
Windows Meida Services KB 980858 Severity: Critical
MS10-026 Vulnerability in Microsoft MPEG Layer 3 Codec
MPEG Layer 3 Codec KB 977816 Severity: Critical
MS10-027 Vulnerability in Windows Media Player (Replaces MS07-047 )
Windows Media Player KB 979402 Severity: Critical
MS10-028 Vulnerabilities in Microsoft Visio (Replaces MS09-062 MS09-005 )
Windows Media Player KB 980094 Severity: Critical
MS10-029 ISATAP Spoofing Vulnerability
ISATAP KB 978338 Severity: Moderate

Credit: The SANS Internet Storm Center puts together a reference of the patches every month. I frequent their site for extra details when I am compiling my patch list.

Posted in System Administration, Windows | Tagged , , , | Leave a comment