Recent ‘critical’ Microsoft patches

September 15th, 2010 by Stephen Jones Leave a reply »

Security PatchesMS10-061/KB2347290 – Critical (XP, Vista, 7, 2003, 2008, 2008 R2): This patch closes up a remote code execution vulnerability in the print spooler of all places. Since your print spoolers should never be exposed from the outside, and because no computer shares printers by default, this patch can safely wait until your regular patch window. (In a few rare cases, XP machines with certain printers installed are vulnerable even without sharing the printer)

 MS10-062/KB975558 – Critical (XP, Vista, 2003, 2008): A problem in the MPEG-4 codec can allow remote code execution attacks when viewing a malformed file or stream. Video files are common enough to warrant installing this patch as soon as you can.

MS10-063/KB2320113 – Critical (XP, Vista, 2003, 2008): The portion of Windows that handles Unicode has a bug that could allow remote code execution exploits to be performed. The attacker would need to feed you a document or a Web page with an embedded, malformed font. That’s trivially easy, so you will want to install this patch immediately.

MS10-064/KB2315011 – Critical (Office XP, Office 2003, Office 2007): Outlook is open to a remote code execution attack if it opens an email while connected to an Exchange server in Online Mode. This is a common scenario in the business world, so you will want to treat this patch as “right now” item.

MS10-065/KB2267960 – Important (IIS 5.1, IIS 6, IIS 7, IIS 7.5): This patch corrects a remote code execution problem, an escalation of privileges issue, and a denial of service vulnerability in all modern versions of IIS. The holes can be exploited with a malformed HTTP request. Microsoft labels this problem as “Important” – it reads more like “critical” and I suggest that you patch this as soon as you can.

  MS10-066/KB982802 – Important (XP, 2003): There is a remote code execution attack vulnerability in RPC that this patch addresses. RPC should not be visible outside the firewall, and the attack requires that the user of the exploited PC initiate the connection. As such, this patch can wait until your usual patch time to be installed.


Leave a Reply

You must be logged in to post a comment.