This month we 11 security bulletin releases for newly discovered vulnerabilities. Please see the details below for all the information.
Max Severity Rating
Vulnerabilities in Windows Could Allow Remote Code Execution (981210)
Remote Code Execution
Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232)
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683)
Elevation of Privilege
Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)
May require restart
Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160)
Microsoft Office Publisher 2002, Publisher 2003, and Publisher 2007
Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832)
Denial of Service
Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Exchange 2000 Server SP3, Exchange Server 2003 SP2, Exchange Server 2007, and Exchange Server 2010.
Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858)
Microsoft Windows 2000 Server
Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816)
Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402)
Microsoft Windows 2000 and Windows XP.
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094)
Microsoft Office Visio 2002, Visio 2003, and Visio 2007
Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338)
Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
Microsoft Windows Malicious Software Removal Tool
We are also releasing an updated version of the Windows Malicious Software Removal Tool on Windows Update, Windows Server Update Services and the Download Centre. More details can be found here.
I’ve said this many times on this blog and in many presentations I’ve done over the years. Keep you systems up to date and you will minimize vulnerabilities in those systems. The reason I post these security bulletins every month is to remind people of that fact. Just the other day I heard of customer who hadn’t updated the virus definitions since 2008! No wonder people have issues! Patching is important and should be something you have in you PC and server maintenance schedule. It just has to be done. That’s all!