Status Tracking Note JVNTR-2010-11

Microsoft Updates for Multiple Vulnerabilities (TA10-103A)

Overview

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Exchange.
Event Information

Date (UTC)Description
2010-04-19 19:47 Symantec
ThreatCON (2) => (2)
The SMB client for Windows 7 and Windows Server 2008 is vulnerable to memory corruption bug that may allow an attacker to take complete control of the affect system. A public proof of concept has been released. Apply vendor-supplied patches.
2010-04-15 13:49 SANS Internet Storm Center
Microsoft April 2010 Patch Tuesday
Overview of the April 2010 Microsoft Patches and their status.
2010-04-14 02:45 JPCERT/CC
JPCERT-AT-2010-0008: April 2010 Microsoft Security Bulletin (including five critical patches)
2010-04-14 01:29 Microsoft
ms10-apr: Microsoft Security Bulletin Summary for April 2010
Included in this advisory are updates for newly discovered vulnerabilities.
2010-04-14 01:13 Microsoft
Microsoft Security Advisory (977544): Vulnerability in SMB Could Allow Denial of Service
SMB Client Incomplete Response Vulnerability (CVE-2009-3676, MS10-020)
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-020 to address this issue.
2010-04-13 19:25 US-CERT
TA10-103A: Microsoft Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
2010-04-13 17:11 US-CERT
Microsoft Releases April Security Bulletin
US-CERT Current Activity
Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Exchange as part of the Microsoft Security Bulletin Summary for April 2010. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, cause a denial-of-service attack or spoof an IPv4 address to bypass filtering devices.
2010-04-08 18:55 Microsoft
ms10-apr: Microsoft Security Bulletin Advance Notification for April 2010
Included in this advisory are updates for newly discovered vulnerabilities.
2010-03-13 07:32 JVN
JVNTR-2010-08: Internet Explorer VBScript Windows Help arbitrary code execution (VU#612021)
2009-12-04 Zero Day Initiative (ZDI)
ZDI-10-070: Microsoft Windows Media Player Codec Retrieval Dangling Pointer Remote Code Execution Vulnerability
Media Player Remote Code Execution Vulnerability (CVE-2010-0268, MS10-027) Reported
The specific flaw exists within the functionality for retrieving a codec for an unknown fourCC compression code. If an embedded Windows Media Player control attempts to play a media file containing an unknown codec it makes a request to Microsoft to retrieve the necessary capability.
2009-11-16 13:21 US-CERT
Microsoft Releases Security Advisory 977544
US-CERT Current Activity
Microsoft has released security advisory 977544 to address a vulnerability in the Server Message Block (SMB) protocol. This vulnerability may allow an attacker to cause a denial-of-service condition. This vulnerability only affects Windows 7 and Server 2008 software.
2009-11-14 18:42 SANS Internet Storm Center
Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released (Version: 2)
Microsoft has released an advisory for the Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit the ISC discussed storyid=7573.
2009-11-14 00:43 Microsoft
Microsoft Security Advisory (977544): Vulnerability in SMB Could Allow Denial of Service
SMB Vulnerability (CVE-2009-3676)
Microsoft is investigating new public reports of a possible denial of service vulnerability in the Server Message Block (SMB) protocol.
2009-11-13 13:25 SANS Internet Storm Center
Windows 7 / Windows Server 2008 R2 Remote SMB Exploit (Version: 3)
Mikael wrote us yesterday, telling us about a site claiming to have a zero day for SMB on both Windows 7 and Windows Server 2008 R2.
2009-11-11 10:58 Bugtraq
Windows 7 , Server 2008R2 Remote Kernel Crash
Vulnerability Proof Of Concept (CVE-2009-3676)
#Cid:36989.py
#Tested: cpe:/o:microsoft:windows_7
#Tested: cpe:/o:microsoft:windows_server_2008
2009-11-06 Zero Day Initiative (ZDI)
ZDI-10-069: Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability
Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability (CVE-2010-0479, MS10-023) Reported
The specific flaw exists within the code responsible for converting files from the Publisher 97 format. While processing a TextBox item, several programming errors can be triggered allowing a maliciously created publisher file to execute arbitrary code under the context of the user opening the file.

Reference

Date first published (UTC): 2010-04-19T00:21+00:00
Date last updated (UTC): 2010-04-21T18:38+00:00
Valid HTML 4.01!