September 2010 - Microsoft Releases 9 Security Advisories
DESCRIPTION
Microsoft addresses the following vulnerabilities in its September batch of patches:
(MS10-061) Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290)
Risk Rating: Critical
This security update addresses a vulnerability in the Print Spooler service. Successful exploitation could result in remote code execution when an attacker sends a specially crafted print request to a system with a print spooler interface exposed over RPC. Read more here.
(MS10-062) Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution (975558)
Risk Rating: Critical
This security update addresses a vulnerability in the MPEG-4 codec that, when exploited, could give an attacker the same user rights as the user. Read more here.
(MS10-063) Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2320113)
Risk Rating: Critical
This security update addresses a vulnerability in the Unicode Scripts Processor. Read more here.
(MS10-064) Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2315011)
Risk Rating: Critical
This security update addresses a vulnerability that could allow remote code execution if a user opens a specially crafted email message using an affected version of Microsoft Outlook. Read more here.
(MS10-065) Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution (2267960)
Risk Rating: Important
This security update addresses vulnerabilities in Internet Information Services (IIS) that could allow remote code execution once a client sends a specially crafted HTTP request to the server. Read more here.
(MS10-066) Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (982802)
Risk Rating: Important
This security update addresses a vulnerability in Microsoft Windows. Successful exploitation could allow an attacker to execute arbitrary code and take full control of an affected system. Read more here.
(MS10-067) Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2259922)
Risk Rating: Important
This security update addresses a vulnerability in Microsoft Windows that could allow remote code execution if a user opened a specially crafted file using WordPad. Read more here.
(MS10-068) Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege (983539)
Risk Rating: Important
This security update addresses a vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). Read more here.
(MS10-069) Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege (2121546)
Risk Rating: Important
This security update addresses a vulnerability in Microsoft Windows. Once exploited, it could elevate the privilege of an attacker who is logged on to an affected system configured with a Chinese, Japanese, or Korean system locale. Read more here.
INFORMATION EXPOSURE
Trend Micro clients using OfficeScan with Intrusion Defense Firewall (IDF) may refer to the table below for the pattern filter identifier(s):
Microsoft Bulletin ID | Vulnerability ID | Identifier & Title | IDF First Pattern Version | IDF First Pattern Release Date |
---|---|---|---|---|
MS10-061 | CVE-2010-2729 | 1004401 - Print Spooler Service Impersonation Vulnerability | 10-029 | Sept 15, 2010 |
MS10-062 | CVE-2010-0818 | 1004397 - MPEG-4 Codec Vulnerability | 10-029 | Sept 15, 2010 |
MS10-065 | CVE-2010-1899 | 1004396 - IIS Repeated Parameter Request Denial Of Service Vulnerability | 10-029 | Sept 15, 2010 |
MS10-065 | CVE-2010-2730 | 1004398 - Request Header Buffer Overflow Vulnerability | 10-029 | Sept 15, 2010 |
MS10-065 | CVE-2010-2731 | 1004399 - Directory Authentication Bypass Vulnerability | 10-029 | Sept 15, 2010 |
MS10-067 | CVE-2010-2563 | 1004395 - WordPad Word 97 Text Converter Memory Corruption Vulnerability | 10-029 | Sept 15, 2010 |