3 Critical Microsoft Updates, 1 Important, 1 Moderate and 1 re-released
Looks like an interesting patch day. Looks like there are several bugs covered by the cumulative IE patch… Sans has a good writeup (7 CVE issues addressed by this 1 patch….) Also the Eolas ActiveX settlement (“Eolas Patent Patch”) solution seems to be included in this bundle. Also a MDAC and a Windows Explorer (not to be confused with the Internet Explorer) patch. (The Windows Explorer AND MDAC bugs are Remote code execution vulnerabilities…)
The Outlook Express update seems to be an issue with the handling of .wab address book files… (Remote code execution vulnerability.)
And finally there is the Frontpage Server Extension vulnerability that is summed up thusly…. “A remote code execution exists in FrontPage Server Extensions (FPSE) or Sharepoint Team Services (STS) which could allow an attacker to run client-side scripts on behalf of an FPSE user.”
So it looks like a remote code execution theme of the day…. get patching.
Another good summary of the patches (and their effect..) is over at The security fix
Popularity: 1% [?]
Related Posts - Fasten your seatbelts - Browser vulnerability a day to be announced in July I hope there aren't too many browser developers that have planned on taking July off..... I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from This......
- What is Open Source Open source denotes that the origins of a product are publicly accessible in part or in whole. See Open source (disambiguation) for related topics and other meanings. This article focuses on open source as a modern or commonly used allusion to any open-source software (OSS) where its source code, its......
- January Patch Tuesday Microsoft has issued two advisories related to patches coming out today. Both are remote code execution vulnerabilities, the first affects Outlook and Exchange server, the second is related to embedded Web fonts. The links above don't yet seem active, but should go to the technet Security bulletins once Microsoft finishes......
Related Websites - Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010 | Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......
- Florida Gators Flag Are you looking for a way to show your Florida Gators pride, and a little bit of team spirit? Whether you are looking for a way to advertise your favorite team during the college football season, or all throughout the year, then you should consider buying a Florida Gators flag.......
- iPhone, Firefox, Safari, IE8 Pwned! The three day Pwn2Own contest at the CanSecWest security show is on. And at the end of the day, 3 major browsers, Firefox, Safari and IE8 were successfully exploited. Also a non-jailbroken iPhone was also hacked and its SMS database was stolen. Vincenzo Iozzo and Ralf Philipp Weinmann redirected an......
Similar Posts
- DoS Exploit for MS-053
- Exploit for Unpatched Internet Explorer vulnerability
- Big Windows June update day
- Microsoft updates for May
- More WMF problems for Windows