Rapid7 Security Alerts

Microsoft Security Bulletins for June 2010

Wed, 9 Jun 2010 10:27:38 -0400

As summer comes upon us in the Northern hemisphere, June is again one of the heavier months for Microsoft. For 2009, it was 10 Advisories, covering 31 Vulnerabilities. For June 2010, Microsoft has announced 10 Advisories, with 34 Vulnerabilities covered.

Microsoft Security Bulletins for May 2010

Wed, 9 Jun 2010 10:34:58 -0400

2 Advisories, with 2 Vulnerabilities covered. Both are rated as Critical.

Microsoft Security Bulletins for April 2010

Tue, 13 Apr 2010 16:37:31 -0400

11 advisories, with 25 vulnerabilities covered. 5 Critical; 5 Important; 1 Moderate. This is the heaviest April update we’ve seen; we generally see 5-8 updates in April and 25 vulnerabilities breaks the 2009 April record of 21. The SMB DoS issue is being addressed, rated Important and affecting Windows & Exchange. 2 issues affecting Office, both of which are rated Important. The other 8 affect Windows with 5 Critical, 2 Important, and 1 Moderate.

Microsoft Security Bulletins for March 2010

Mon, 15 Mar 2010 12:52:18 -0400

MS10-016: Rated Important. Potential Remote Code Execution in Windows Movie Maker, covering 1 vulnerability: CVE-2010-0265 (Buffer Overflow in Movie Maker and Producer).

MS10-017: Rated Important. Potential Remote Code Execution in Excel, Excel Viewer, Office for Mac, Office Compatibility Pack, and the Excel Services (which are in the default configuration for SharePoint Server 2007), covering 7 vulnerabilities: CVE-2010-0257 (Record Memory Corruption), CVE-2010-0258 (Sheet Object Type Confusion), CVE-2010-0260 (MDXTUPLE Record Heap Overflow), CVE-2010-0261 (MDXSET Record Heap Overflow), CVE-2010-0262 (FNGROUPNAME Record Uninitialized Memory), CVE-2010-0263 (XLSX File Parsing), and CVE-2010-0264 (DbOrParamQry Record Parsing). This one replaces MS09-067 from November of last year along with MS09-021 from June of last year on SharePoint. Microsoft rates it as Exploit Index: 1; Deployment Priority: 2.

Microsoft Security Bulletins for February 2010

Tue, 16 Feb 2010 11:09:39 -0500

MS10-003: Rated Important. Potential Remote Code Execution in Office XP and Office 2004 for Mac, covering 1 vulnerability: CVE-2010-0243 (Buffer Overflow in MSO.DLL). This one replaces the MS09-062 GDI+ patch from last October. Important to note that user interaction is required for this one. Microsoft rates it as Exploit Index: 1; Deployment Priority: 2.

Microsoft's Out of Band Security Update January 2010

Tue, 16 Feb 2010 12:52:52 -0500

After a quiet Patch Tuesday last week with only one vulnerability announced, that calm has been followed by a bit of a storm. Here is a quick summary of this month’s summary of Microsoft’s Out of Band Security update...

Microsoft Security Bulletins for January 2010

Tue, 16 Feb 2010 11:08:45 -0500

MS10-001: Rated Critical. Potential Remote Code Execution via integer overflow in LZCOMP Decompressor of the Embedded OpenType (EOT) Font Engine, covering 1 vulnerability: CVE-2010-0018. Important to note that Windows 2000 is rated critical; all others are rated low. This update replaces MS09-029 from July of last year, which was critical across the board. Also interesting to note: Microsoft has specifically called out that the SMB DoS exposure is not being addressed today as they are still conducting research. No indication if this will be released as a subsequent out-of-band issue or whether we’ll see it in a future Patch Tuesday, although Microsoft does not have a history of addressing DoS exposures out of band.

Microsoft Security Bulletins for December 2009

Tue, 16 Feb 2010 11:08:13 -0500

Microsoft this month issued 6 updates, with a total of 12 vulnerabilities covered.

Microsoft Security Bulletins for November 2009

Tue, 16 Feb 2010 11:07:45 -0500

Microsoft this month issued 6 updates, with a total of 15 vulnerabilities covered. Overall this is a much lighter month than October’s monster update, although it’s a busy one by November standards. Rapid7 recommends that organizations who run a full test cycle before distributing updates focus on MS09-065 first … particularly on client workstations. This one has the broadest impact, including Domain Controllers, Member Servers, and workstations. We also recommend a focus on the Excel updates in MS09-067 and the Active Directory Denial of Service addressed with MS09-066.

Microsoft Security Bulletins for October 2009

Tue, 16 Feb 2010 11:06:00 -0500

13 advisories, with 34 vulnerabilities covered.

Microsoft Security Bulletins for September 2009

Wed, 9 Sep 2009 10:58:51 -0400

Five advisories, with eight vulnerabilities covered. This month’s update is a major change from last month, with coverage for JScript scripting engine, ActiveX control for DHTML editing, Wireless Frame Parsing, Windows Media, and TCP/IP. The common theme again is client side, with web enabling technologies, media player, and wireless autoconfig in the mix.

Microsoft Security Bulletins for August 2009

Tue, 11 Aug 2009 11:00:41 -0400

Microsoft Published 9 advisories, with 19 vulnerabilities covered

Microsoft Security Bulletins for July 2009

Tue, 14 Jul 2009 11:02:03 -0400

On July 14 Microsoft published 6 new security bulletins, covering nine vulnerabilities in Windows, Virtual PC/Virtual Server, ISA Server and Office Publisher. The Exploitability Index included in the bulletins lists all but the Virtual PC vulnerabilities as highly likely to be consistently exploited by attackers.

Microsoft Security Bulletins for June 2009

Tue, 9 Jun 2009 11:03:33 -0400

Contrary to speculations in the security community, last month's single security bulletin appears to have been an aberration rather than a sign that the patch burden for Microsoft products is diminishing. The 10 bulletins released in June are more in line with the historical number of monthly vulnerabilities.

Microsoft PowerPoint Vulnerabilities

Tue, 12 May 2009 11:04:30 -0400

This week's Patch Tuesday is focused on PowerPoint vulnerabilities. Since PowerPoint files are frequently exchanged across organizational boundaries and are not blocked by most email gateways, this vector has been used extensively for targeted attacks in the past.