Microsoft Security Bulletin Advance Notification for September 2010

For the coming month, Microsoft plans to release 10 bulletins.

Of the 10 bulletins, four have been rated “Critical” and six have been rated “Important”. Seven bulletins address “Remote Code Execution” vulnerabilities, two address “Elevation of Privilege” vulnerabilities, and one addresses “Information Disclosure”.

The following vulnerabilities have been rated “Critical”:

– Bulletin MS10-061 resolves a publicly disclosed vulnerability in the Print Spooler service. The vulnerability could allow remote code execution if an attacker sends a specially crafted print request to a vulnerable system that has a print spooler interface exposed over RPC.

– Bulletin MS10-062 resolves a privately reported vulnerability in MPEG-4 codec. The vulnerability could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content.

– Bulletin MS10-063 resolves a privately reported vulnerability in the Unicode Scripts Processor. The vulnerability could allow remote code execution if a user views a specially crafted document or Web page with an application that supports embedded OpenType fonts.

– Bulletin MS10-064 resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opens or previews a specially crafted e-mail message using an affected version of Microsoft Outlook that is connected to an Exchange server with Online Mode.

The following vulnerabilities have been rated “Important”:

– Bulletin MS10-065 resolves two privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Information Services (IIS). The most severe of these vulnerabilities could allow remote code execution if a client sends a specially crafted HTTP request to the server.

– Bulletin MS10-066 resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted RPC response to a client-initiated RPC request.

– Bulletin MS10-067 resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted file using WordPad.

– Bulletin MS10-068 resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if an authenticated attacker sends specially crafted Lightweight Directory Access Protocol (LDAP) messages to a listening LSASS server.

– Bulletin MS10-069 resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system that is configured with a Chinese, Japanese, or Korean system locale.

– Bulletin MS10-070 resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server.

For detailed information on all the bulletins and the vulnerabilities they address, please visit:

https://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx

We recommend that users set Windows Update to “Install updates automatically” mode so that important patches are applied automatically.

This advance notification is intended to help users plan for effective deployment of security updates. It includes information about the number of new security updates being released, the software affected, severity levels of vulnerabilities, and information about any detection tools relevant to the updates.

Anand Yadav
