US-CERT Technical Cyber Security Alert TA10-040A -- Microsoft Updates for Multiple Vulnerabilities




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


National Cyber Alert System

Technical Cyber Security Alert TA10-040A


Microsoft Updates for Multiple Vulnerabilities

Original release date:
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Windows and Windows Server
* Microsoft Internet Explorer
* Microsoft Office


Overview

Microsoft has released updates to address vulnerabilities in
Microsoft Windows, Windows Server, Internet Explorer, and Microsoft
Office.


I. Description

Microsoft has released multiple security bulletins for critical
vulnerabilities in Microsoft Windows, Windows Server, Internet
Explorer, and Microsoft Office. These bulletins are described in
the Microsoft Security Bulletin Summary for February 2010.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code,
gain elevated privileges, or cause a vulnerable application or
system to crash.


III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for February 2010. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).


IV. References

* Microsoft Security Bulletin Summary for February 2010 -
<http://www.microsoft.com/technet/security/bulletin/MS10-feb.mspx>

* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA10-040A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@xxxxxxxx> with "TA10-040A Feedback VU#799780" in
the subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2010 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________

Revision History

February 09, 2010: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS3HJuS/E9ke+6HGsAQIQNwf/V+/EBGMhBjl8LTZGaISAa79KsKQD5QNI
uTKpHc0BQzgT5cYy3c2Q4ht53uYWp9VEsVRPpmlxxvMTBBS+9Ig8CM76Wcnw5UY3
DwUaKj+VdoJQ6/aUFpRAvfSOjS+CaJ9N4Arogowa7/r/86GEoLBkLq0pcA97MbF8
theX1eGDWgXH41SVS9PaZdRfE1Z+dYLbbXXLbvk1aUP8zUrx2XYTTHtErFCV7KAf
SxLA4fDA628v9J+PndlHI45Kc2MfwEm/9kk98zcQCJdRrhSQLHSxpTGVE9GQjAn2
kCsUQg8PKNy8E9ALL17Inc/moULRxjqVFBUlAy0w+rX9Z9bW2pfPfg==
=1aMo
-----END PGP SIGNATURE-----



Relevant Pages

  • <>
    ... > Microsoft Security Bulletin Advance Notification issued: ... > Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. ...
    (microsoft.public.windows.server.sbs)
  • Re: Does Microsoft take Security Seriously? - Internet Bank hacked - it could happen to you!
    ... take security seriously. ... I have used Microsoft products for year without ... while downloading those updates. ... As soon as I connected to the Internet, I did a Windows Update - I ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Microsoft Security Bulletins for December 2007
    ... Microsoft released today the following security bulletins. ... high-priority updates and 2007 ... Microsoft Office Service Pack 1 on Microsoft Update and Windows ...
    (microsoft.public.windowsupdate)
  • RE: What server hardening are you doing these days?
    ... Visual Developer - Security: ... > Windows Server 2003 Security Guide: ... > Scenarios and Procedures for Microsoft Systems Management Server 2003: ... >> Because of these changes to the core operating system of Windows XP ...
    (Focus-Microsoft)
  • Re: KB977816 fails to apply to 2000 server
    ... That doesn't seem to make sense as this kb977816 is listed as a security ... Microsoft MPEG Layer-3 audio codecs. ... The vulnerability could allow remote ... and Windows Server 2008. ...
    (microsoft.public.windowsupdate)