securitybulletin

I’m a week late with this one but hey I had a week off so no big deal!  This month we are releasing 9 new security bulletins so make sure you have a look at these to see where they apply in your environments.

Security Bulletins for September 2010

Bulletin ID Bulletin Title Maximum Severity Rating Vulnerability Impact Restart Requirement Affected Software
MS10-061 Vulnerability in Print Spooler Service Could Allow Remote Code Execution Critical Remote Code Execution Requires Restart Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-062 Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution Critical Remote Code Execution May Require Restart Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
MS10-063 Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution Critical Remote Code Execution May Require Restart Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Microsoft Office XP, Office 2003, and Office 2007.
MS10-064 Vulnerability in Microsoft Outlook Could Allow Remote Code Execution Critical Remote Code Execution May Require Restart Microsoft Outlook 2002, Outlook 2003, and Outlook 2007.
MS10-065 Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution Important Remote Code Execution May Require Restart Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-066 Vulnerability in Remote Procedure Call Could Allow Remote Code Execution Important Remote Code Execution Requires Restart Microsoft Windows XP and Windows Server 2003.
MS10-067 Vulnerability in WordPad Text Converters Could Allow Remote Code Execution Important Remote Code Execution May Require Restart Microsoft Windows XP and Windows Server 2003.
MS10-068 Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege Important Elevation of Privilege Requires Restart Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-069 Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege Important Elevation of Privilege Requires Restart Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege (2121546)

If you want summaries of these bulletins you can get them here.

Microsoft Windows Malicious Software Removal Tool

We are also releasing an updated version of the Windows Malicious Software Removal Tool.  More details can be found here.

New Security Advisory

Vulnerability in Outlook Web Access Could Allow Elevation of Privilege

Overview: Microsoft has completed the investigation of a publicly disclosed vulnerability in Outlook Web Access (OWA) that may affect Microsoft Exchange customers. An attacker who successfully exploited this vulnerability could hijack an authenticated OWA session. The attacker could then perform actions on behalf of the authenticated user without the user's knowledge, within the security context of the active OWA session.

This vulnerability affects supported editions of Microsoft Exchange Server 2003 and Microsoft Exchange Server 2007 (except Microsoft Exchange Server 2007 Service Pack 3). Microsoft Exchange Server 2000, Microsoft Exchange Server 2007 Service Pack 3, and Microsoft Exchange Server 2010 are not affected by the vulnerability.

At this time, we are unaware of any attacks attempting to exploit this vulnerability. We will continue to monitor the threat landscape and update the advisory if the situation changes.

Recommendations:

  • Please review security advisory 2401593 at the link below for an overview of the issue, details regarding affected components, mitigating factors, workarounds, suggested actions, frequently asked questions (FAQs), and links to additional resources.
  • Microsoft recommends that customers running affected editions of Microsoft Exchange Server should upgrade to a non-affected version of Microsoft Exchange Server to address the vulnerability.
  • Customers who are unable to upgrade at this time should review the Workarounds section of security advisory 2401593 for options that can help limit the ways in which an attacker can exploit the vulnerability.

Advisory Link:  Microsoft Security Advisory 2401593 - Vulnerability in Outlook Web Access Could Allow Elevation of Privilege: http://www.microsoft.com/technet/security/advisory/2401593.mspx

Jeffa