Microsoft Security Bulletin Summary for October 12 2010
Published: October 12 2010
Note: There may be latency issues due to replication, if the page does not display keep refreshing
Note: http://www.microsoft...echnet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the Microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Today Microsoft released the following Security Bulletin(s).
Bulletin Summary:
http://www.microsoft...n/ms10-oct.mspx
Critical (4)
Cumulative Security Update for Internet Explorer (2360131)
http://go.microsoft..../?LinkId=202013
Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)
http://go.microsoft..../?LinkId=201722
Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)
http://go.microsoft..../?LinkId=194560
Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)
http://go.microsoft..../?LinkId=201704
Important (10)
Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)
http://go.microsoft..../?LinkID=202016
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
http://go.microsoft..../?LinkId=201093
Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)
http://go.microsoft..../?LinkId=201084
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
http://go.microsoft..../?LinkId=201696
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
http://go.microsoft..../?LinkId=200529
Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)
http://go.microsoft..../?LinkId=201086
Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)
http://go.microsoft..../?LinkId=201098
Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)
http://go.microsoft..../?LinkId=190553
Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)
http://go.microsoft..../?LinkId=201720
Vulnerability in SChannel Could Allow Denial of Service (2207566)
http://go.microsoft..../?LinkId=201705
Moderate (2)
Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)
http://go.microsoft..../?LinkId=201703
Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)
http://go.microsoft..../?LinkId=201721
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.
As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.