Status Tracking Note JVNTR-2010-19
Vulnerability in Microsoft Windows Help and Support Center (CVE-2010-1885, MS10-042, TA10-194A)
Overview
A vulnerability exists in Microsoft Windows Help and Support Center.
Event Information
Date (UTC)
Description
2010-07-15 23:32
Symantec
ThreatCON (2) => (2)
2010-07-14 01:32
JPCERT/CC
JPCERT-AT-2010-0018: July 2010 Microsoft Security Bulletin (including three critical patches)
Public notification for "Microsoft Security Bulletin Summary for July 2010"
2010-07-13 23:53
Microsoft
MS10-042: Microsoft Security Bulletin Summary for July 2010
Security Update (MS10-042) released.
2010-07-13 21:20
US-CERT
TA10-194A: Microsoft Updates for Multiple Vulnerabilities
Technical Cyber Security Alert publised via US-CERT Mailing List.
Public notification for "Microsoft Security Bulletin Summary for July 2010"
2010-07-13 17:30
SANS Internet Storm Center
July 2010 Microsoft Black Tuesday Summary
Public notification for "Microsoft Security Bulletin Summary for July 2010"
2010-07-13 17:25
US-CERT
Microsoft Releases July Security Bulletin
US-CERT Current Activity
Public notification for "Microsoft Security Bulletin Summary for July 2010"
2010-07-08 18:07
Microsoft
ms10-jul: Microsoft Security Bulletin Advance Notification for July 2010
Advance notification for Security Update.
2010-06-28 05:34
JPCERT/CC
JPCERT-AT-2010-0016: Zero-day Vulnerability in Windows Help and Support Center Protocol
2010-06-11 21:56
Microsoft
Microsoft Security Advisory (2219475): Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution
Fix it (Unregister the HCP Protocol) published.
2010-06-10 22:48
Microsoft
Microsoft Security Advisory (2219475): Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution
Security Advisory (2219475) published.
2010-06-10 21:50
SANS Internet Storm Center
Microsoft Security Advisory 2219475
Public notification for "Security Advisory (2219475) ".
2010-06-10 21:26
SANS Internet Storm Center
Microsoft Help Centre Handling of Escape Sequences May Lead to Exploit
Vulnerability proof-of-concept code has been posted to Mailing List.
2010-06-10 15:01
US-CERT
Microsoft Windows Help and Support Center Vulnerability
US-CERT Current Activity
Public notification for "Security Advisory (2219475) ".
2010-06-10 10:23
Symantec
ThreatCON (2) => (2)
2010-06-09 23:46
Full-disclosure
Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Vulnerability proof-of-concept code posted to Mailing List.
#Cid:40725_realplayer.ram
#Cid:40725.rb
#Tested: cpe:/o:microsoft:windows_xp + cpe:/a:microsoft:ie:6
#Tested: cpe:/o:microsoft:windows_xp + cpe:/a:microsoft:ie:7
#Tested: cpe:/o:microsoft:windows_xp + cpe:/a:microsoft:ie:8 + cpe:/a:microsoft:windows_media_player:9
2010-06-05
Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Vulnerability reported to vendor.
2010-06-05
Trend Micro
TROJ_HCPEXP.A
Reference
CVE-2010-1885
Date first published (UTC):
2010-07-11T06:48+00:00
Date last updated (UTC):
2010-07-31T06:23+00:00