Well this is the last Security bulletin for the year so make sure you have a look at these before you head off on holidays!
New Security Bulletins
Microsoft is releasing the following 17 new security bulletins for newly discovered vulnerabilities:
Bulletin ID
Bulletin Title
Max Severity Rating
Vulnerability Impact
Restart Requirement
Affected Software
MS10-090
Cumulative Security Update for Internet Explorer (2416400)
Critical
Remote Code Execution
Requires restart
Internet Explorer in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-091
Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution (2296199)
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-092
Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420)
Important
Elevation of Privilege
Microsoft Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS10-093
Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (2424434)
May require restart
Microsoft Windows Vista
MS10-094
Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961)
Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
MS10-095
Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2385678)
Windows 7 and Windows Server 2008 R2.
MS10-096
Vulnerability in Windows Address Book Could Allow Remote Code Execution (2423089)
MS10-097
Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)
Microsoft Windows XP and Windows Server 2003.
MS10-098
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)
MS10-099
Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591)
MS10-100
Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962)
MS10-101
Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)
Denial of Service
Microsoft Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2.
MS10-102
Vulnerability in Hyper-V Could Allow Denial of Service (2345316)
Microsoft Windows Server 2008 and Windows Server 2008 R2.
MS10-103
Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292970)
Microsoft Publisher 2002, Publisher 2003, Publisher 2007, and Publisher 2010.
MS10-104
Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005)
Microsoft SharePoint Server 2007
MS10-105
Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)
Microsoft Office XP, Office 2003, Office 2007, Office 2010, Office Converter Pack, and Works 9.
MS10-106
Vulnerability in Microsoft Exchange Server Could Allow Denial of Service (2407132)
Moderate
Microsoft Exchange Server 2007
If you want summaries of these bulletins then please click here.
jeffa