This blog is moved to
http://amalhashim.wordpress.com

Wednesday, February 10, 2010

New Security Patches

Hi all, Microsoft has released new set of security patches. These all are marked as critical, so install it as early as possible

Critical (2000, XP, W7, 2003, 2008 R2)/Important (Vista, 2008): This is another in the recent problems for Windows’ SMB handling; this one is a remote code execution exploit. The only nice thing about this one is that it requires the attacker to get you to try to connect to their rigged SMB server, and that’s pretty unlikely to go through many corporate firewalls. All the same, get this patch installed as soon as you can. 191KB - 1.2MB
http://www.microsoft.com/technet/security/bulletin/ms10-006.mspx
http://support.microsoft.com/kb/978706

Critical (2000, XP, 2003): There is a bug in the ShellExecute API call (which allows programs to ask the OS to perform commands) which allows a remote code execution attack to occur. This patch should be installed immediately. 606KB - 1.4MB
http://www.microsoft.com/technet/security/bulletin/ms10-007.mspx
http://support.microsoft.com/kb/975713

Critical (2000, XP)/Important(Vista, W7)/Moderate(2003)/Low(2008, 2008 R2): This is an important update to the ActiveX Kill Bits system that fixes a bug that could allow remote code execution exploits, and adds some addition controls to the kill bits system. Install this as soon as you can. 27KB - 1.0MB
http://www.microsoft.com/technet/security/bulletin/ms10-008.mspx
http://support.microsoft.com/kb/978262

Critical (Vista, 2008): A problem in the TCP/IP stack of Vista and 2008 allows and attacker to perform a remote code execution exploit if IPv6 is turned on. You should install this patch immediate. 1.4MB - 2.7MB
http://www.microsoft.com/technet/security/bulletin/ms10-009.mspx
http://support.microsoft.com/kb/974145

No comments: