Trend Micro Security

2010年 10 月:マイクロソフト 定例セキュリティ更新プログラム情報

  危険度: : 緊急
  情報公開日: 10 13, 2010

  概要

Microsoft addresses the following vulnerabilities in its October batch of patches:

  • (MS10-071) Cumulative Security Update for Internet Explorer (2360131)
    Risk Rating: Critical

    This security update addresses vulnerabilities in Internet Explorer that could allow remote code execution once a user views a specially crafted Web page using Internet Explorer.

    User with administrative rights are more affected by this vulnerability than those with fewer rights on the system. Read more here.

  • (MS10-072) Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)
    Risk Rating: Important

    This security update addresses vulnerabilities in Microsoft SharePoint and Windows SharePoint Services. If successfully exploited via a specially crafted script to a target site using SafeHTML, it could lead to information disclosure. Read more here.

  • (MS10-073) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
    Risk Rating: Important

    This security update addresses vulnerabilities in Windows kernel-mode drivers that could increase in the privilege when an attacker is log on and is running a specially crafted application. To be able to exploit this vulnerability, the attacker must be log on locally as this could not be done remotely. Read more here.

  • (MS10-074) Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)
    Risk Rating: Critical

    This security update addresses a vulnerability in the Microsoft Foundation Class (MFC) Library that could allow remote code execution if a user is logged on with administrative user rights and opens an application built with the MFC Library. Read more here.

  • (MS10-075) Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)
    Risk Rating: Critical

    This security update addresses the vulnerability in the Microsoft Windows Media Player Network Sharing Service that could allow remote code execution once an attacker sends a specially crafted RTSP packet to an affected system. Read more here.

  • (MS10-076) Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)
    Risk Rating: Critical

    This security update addresses the vulnerability in the Embedded OpenType (EOT) Font Engine (a Microsoft Windows component) that could allow remote code execution. If successfully exploited, the attacker could remotely access the affected user system. Read more here.

  • (MS10-077) Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)
    Risk Rating: Critical

    This security update addresses a vulnerability in Microsoft .NET Framework. Once a user views a specially crafted Web page via a Web browser that can run XAML Browser Applications (XBAPs), this could allow remote code execution. Moreover, it could also allow remte code execution on a server system running IIS when an attacker uploads a specially crafted ASP.NET page to that server as well as allow the processing of ASP.NET pages. Read more here.

  • (MS10-078) Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)
    Risk Rating: Important

    This security update addresses vulnerabilities in the Windows OpenType Font (OTF) format driver that could allow elevation of privilege once a user views content rendered in a specially crafted OpenType font.

    This vulnerability could only be exploited when the attacker is log on locally and not remotely. Read more here.

  • (MS10-079) Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
    Risk Rating: Important

    This security update addresses 11 vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Word file.

    Once an attacker successfully exploited any of these vulnerabilities, he gains user rights to the system. Read more here.

  • (MS10-080) Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
    Risk Rating: Important

    This security update addresses thirteen vulnerabilities in Microsoft Office. More specifically, it resolves issues that could allow remote code execution if a user opens a specially crafted Excel file or a specially crafted Lotus 1-2-3 file. Read more here.

  • (MS10-081) Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)
    Risk Rating:Important

    This security update addresses a vulnerability in the Windows common control library that could allow remote code execution if a user visited a specially crafted Web page. Read more here.

  • (MS10-082) Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)
    Risk Rating:Important

    This security update addresses a vulnerability in Windows Media Player that could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site. Read more here.

  • (MS10-083) Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)
    Risk Rating:Important

    This security update addresses a vulnerability in Microsoft Windows that could allow remote code execution if a user opens a specially crafted file using WordPad or selects or opens a shortcut file that is on a network or WebDAV share. Read more here.

  • (MS10-084) Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)
    Risk Rating: Important

    This security update addresses a vulnerability in Microsoft Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs specially crafted code that sends an LPC message to the local LRPC Server. The message could then allow an authenticated user to access resources that are running in the context of the NetworkService account. Read more here.

  • (MS10-085) Vulnerability in SChannel Could Allow Denial of Service (2207566)
    Risk Rating:Important

    This security update addresses a vulnerability in the Secure Channel (SChannel) security package in Windows that could allow denial of service if an affected Internet Information Services (IIS) server hosting a Secure Sockets Layer (SSL)-enabled Web site received a specially crafted packet message. By default, IIS is not configured to host SSL Web sites. Read more here.

  • (MS10-086) Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)
    Risk Rating: Moderate

    This security update addresses a vulnerability in Windows Server 2008 R2 when used as a shared failover cluster. More specifically, this vulnerability could allow data tampering on the administrative shares of failover cluster disks. Read more here.

  トレンドマイクロの対策

マイクロソフトは、2010 年 10 月の定例セキュリティ更新プログラムをリリースし、以下の脆弱性に対応しています。

  • MS10-071:Internet Explorer 用の累積的なセキュリティ更新プログラム (2360131)
    危険度:緊急

    詳しくは こちら

  • MS10-072:SafeHTML の脆弱性により、情報漏えいが起こる (2412048)
    危険度:

    詳しくは こちら

  • MS10-073:Windows カーネルモード ドライバーの脆弱性により、特権が昇格される (981957)
    危険度:

    詳しくは こちら

  • MS10-074:Microsoft Foundation Classes の脆弱性により、リモートでコードが実行される (2387149)
    危険度:緊急

    詳しくは こちら

  • MS10-075:Windows Media Player ネットワーク共有サービスの脆弱性により、リモートでコードが実行される (2281679)
    危険度:緊急

    詳しくは こちら

  • MS10-076:Embedded OpenType フォント エンジンの脆弱性により、リモートでコードが実行される (982132)
    危険度:緊急

    詳しくは こちら

  • MS10-077:.NET Framework の脆弱性により、リモートでコードが実行される (2160841)
    危険度:緊急

    詳しくは こちら

  • MS10-078:OpenType フォント (OTF) 形式ドライバーの脆弱性により、特権が昇格される (2279986)
    危険度:

    詳しくは こちら

  • MS10-079:Microsoft Word の脆弱性により、リモートでコードが実行される (2293194)
    危険度:

    詳しくは こちら

  • MS10-080:Microsoft Excel の脆弱性により、リモートでコードが実行される (2293211)
    危険度:

    詳しくは こちら

  • MS10-081:Windows コモン コントロール ライブラリの脆弱性により、リモートでコードが実行される (2296011)
    危険度:

    詳しくは こちら

  • MS10-082:Windows Media Player の脆弱性により、リモートでコードが実行される (2378111)
    危険度:

    詳しくは こちら

  • MS10-083:Windows シェルおよびワードパッドの COM の検証の脆弱性により、リモートでコードが実行される (2405882)
    危険度:

    詳しくは こちら

  • MS10-084:Windows ローカル プロシージャー コールの脆弱性により、特権が昇格される (2360937)
    危険度:

    詳しくは こちら

  • MS10-085:SChannel の脆弱性により、サービス拒否が起こる (2207566)
    危険度:

    詳しくは こちら

  • MS10-086:Windows 共有クラスター ディスクの脆弱性により、改ざんが起こる (2294255)
    危険度:警告

    詳しくは こちら


Trend Micro 脆弱性対策オプション(ウイルスバスター コーポレートエディション プラグイン製品)」をご利用のユーザは、以下のフィルタ番号およびパターンバージョンによりこれらの脆弱性から保護されます。


Microsoft セキュリティ情報 ID CVE識別番号 フィルタ番号およびフィルタ名 Deep Security パターンバージョン Deep Security パターンリリース日
MS10-071 CVE-2010-3324 1004463 - HTML Sanitization Vulnerability 10-032 2010年10月13日
MS10-071 CVE-2010-3326 1004474 - Uninitialized Memory Corruption Vulnerability 10-032 2010年10月13日
MS10-071 CVE-2010-3328 1004466 - Uninitialized Memory Corruption Vulnerability 10-032 2010年10月13日
MS10-071 CVE-2010-3329 1004468 - Uninitialized Memory Corruption Vulnerability 10-032 2010年10月13日
MS10-071 CVE-2010-3330 1004476 - Cross-Domain Information Disclosure Vulnerability 10-032 2010年10月13日
MS10-071 CVE-2010-3331 1004467 - Uninitialized Memory Corruption Vulnerability 10-032 2010年10月13日
MS10-072 CVE-2010-3243 1004464 - HTML Sanitization Vulnerability 10-032 2010年10月13日
MS10-072 CVE-2010-3324 1004463 - HTML Sanitization Vulnerability 10-032 2010年10月13日
MS10-075 CVE-2010-3225 1004469 - RTSP Use After Free Vulnerability 10-032 2010年10月13日
MS10-078 CVE-2010-2740 1004485 - OpenType Font Parsing Vulnerability 10-035 2010年11月9日
MS10-080 CVE-2010-3230 1004475 - Excel Record Parsing Integer Overflow Vulnerability 10-032 2010年10月13日
MS10-080 CVE-2010-3232 1004470 - MS Excel File Format Parsing Vulnerability 10-032 2010年10月13日
MS10-080 CVE-2010-3240 1004473 - Real Time Data Array Record Vulnerability 10-032 2010年10月13日
MS10-082 CVE-2010-2745 1004477 - Windows Media Player Memory Corruption Vulnerability 10-033 2010年10月27日
MS10-085 CVE-2010-3229 1004472 - TLSv1 Denial Of Service Vulnerability 10-032 2010年10月13日