Patch Tuesday has come and gone, and with it came the biggest Microsoft Update ever seen since they began their monthly update cycle in 2003. The Windows Operating System as well as Internet Explorer, MS Office, MS Office for Mac, MS Works, Silverlight 2 and 3, the .NET Framework and Movie Maker are all affected.
There are 14 new security bulletins released this week, 8 of which are labeled as "critical" and the remaining 6 are labeled "important". These numbers do not include the link vulnerability patch that was released last week, although the Security Bulletin Summary does include that patch with the others. Microsoft is assuring people that of these new vulnerabilities, none have been seen exploited in the wild as of yet.
Of the 8 "critical" bulletins, 4 are listed as high-priority, meaning that they should receive immediate attention.
MS10-052 - This bulletin addresses a vulnerability in Microsoft's MPEG Layer-3 audio codecs. Remote code can be executed through specially crafted media files or streaming content from a website or web application.
MS10-055 - This bulletin addresses a vulnerability in the Cinepak Codec. Remote code can be executed through specially crafted media files or streaming content from a website or web application.
MS10-056 - This bulletin addresses 4 different vulnerabilities in MS Office. An attacker can gain privileges equal to that of the user if that user opens or previews a specially crafted RTF email message.
MS10-060 - This bulletin addresses 2 different vulnerabilities in the .NET Framework and Silverlight. Remote code can be executed when viewing a specially crafted web page in a browser which can run XAML Browser Applications or Silverlight Applications, or if the user runs a specially crafted .NET application. More information on these 4 bulletins, as well as the other bulletins, can be found via the Microsoft Security Bulletin Summary for August 2010.
There are 14 new security bulletins released this week, 8 of which are labeled as "critical" and the remaining 6 are labeled "important". These numbers do not include the link vulnerability patch that was released last week, although the Security Bulletin Summary does include that patch with the others. Microsoft is assuring people that of these new vulnerabilities, none have been seen exploited in the wild as of yet.
Of the 8 "critical" bulletins, 4 are listed as high-priority, meaning that they should receive immediate attention.
MS10-052 - This bulletin addresses a vulnerability in Microsoft's MPEG Layer-3 audio codecs. Remote code can be executed through specially crafted media files or streaming content from a website or web application.
MS10-055 - This bulletin addresses a vulnerability in the Cinepak Codec. Remote code can be executed through specially crafted media files or streaming content from a website or web application.
MS10-056 - This bulletin addresses 4 different vulnerabilities in MS Office. An attacker can gain privileges equal to that of the user if that user opens or previews a specially crafted RTF email message.
MS10-060 - This bulletin addresses 2 different vulnerabilities in the .NET Framework and Silverlight. Remote code can be executed when viewing a specially crafted web page in a browser which can run XAML Browser Applications or Silverlight Applications, or if the user runs a specially crafted .NET application. More information on these 4 bulletins, as well as the other bulletins, can be found via the Microsoft Security Bulletin Summary for August 2010.
netizens left a footprint.