Microsoft Security Bulletin Release: April 2010

This month we 11 security bulletin releases for newly discovered vulnerabilities. Please see the details below for all the information.

Bulletin ID	Bulletin Title	Max Severity Rating	Vulnerability Impact	Restart Requirement	Affected Software
MS10-019	Vulnerabilities in Windows Could Allow Remote Code Execution (981210)	Critical	Remote Code Execution	Requires restart	Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-020	Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232)	Critical	Remote Code Execution	Requires restart	Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-021	Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683)	Important	Elevation of Privilege	Requires restart	Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-022	Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)	Important	Remote Code Execution	May require restart	Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-023	Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160)	Important	Remote Code Execution	May require restart	Microsoft Office Publisher 2002, Publisher 2003, and Publisher 2007
MS10-024	Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832)	Important	Denial of Service	Requires restart	Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Exchange 2000 Server SP3, Exchange Server 2003 SP2, Exchange Server 2007, and Exchange Server 2010.
MS10-025	Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858)	Critical	Remote Code Execution	Requires restart	Microsoft Windows 2000 Server
MS10-026	Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816)	Critical	Remote Code Execution	May require restart	Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
MS10-027	Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402)	Critical	Remote Code Execution	May require restart	Microsoft Windows 2000 and Windows XP.
MS10-028	Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094)	Important	Remote Code Execution	May require restart	Microsoft Office Visio 2002, Visio 2003, and Visio 2007
MS10-029	Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338)	Moderate	Spoofing	Requires restart	Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Microsoft Windows Malicious Software Removal Tool

We are also releasing an updated version of the Windows Malicious Software Removal Tool on Windows Update, Windows Server Update Services and the Download Centre. More details can be found here.

I’ve said this many times on this blog and in many presentations I’ve done over the years. Keep you systems up to date and you will minimize vulnerabilities in those systems. The reason I post these security bulletins every month is to remind people of that fact. Just the other day I heard of customer who hadn’t updated the virus definitions since 2008! No wonder people have issues! Patching is important and should be something you have in you PC and server maintenance schedule. It just has to be done. That’s all!

Technorati Tags: Patching,WSUS,Updates,Security Bulletins

Jeffa

Jeff Alexander's Weblog

Microsoft Security Bulletin Release: April 2010

Products

Resources

Solutions

Downloads

Evals

Tools

TechNet Support

Microsoft Support