Microsoft has released its security bulletin summary for May 2010. This month Microsoft has released two bulletins, addressing a total of two vulnerabilities.
Both the bulletins have been rated “Critical” and both the bulletins are related to “Remote Code Execution” vulnerability. The bulletins released this month provide security updates for Microsoft Outlook Express 5.5 (SP2), Microsoft Outlook Express 6, Microsoft Outlook Express 6 (SP1), Microsoft Windows Mail, Microsoft Windows Live Mail, Microsoft Office XP (SP3), Microsoft Office 2003 (SP3), Microsoft Office 2007 System Service (SP1 & SP2) and Microsoft Visual Basic for Applications.
The bulletins released are as follows:
– Bulletin MS10-030 resolves vulnerability in Outlook Express, Windows Mail, and Windows Live Mail. The vulnerability could allow remote code execution if a user visits a malicious e-mail server.
– Bulletin MS10-031 resolves vulnerability in Microsoft Visual Basic. The vulnerability could allow remote code execution if a host application opens and passes a specially crafted file to the Visual Basic for Applications runtime.
For detailed information about both the bulletins and the corresponding vulnerabilities addressed, please visit Microsoft Security Bulletin Summary – May 2010 page.
I will recommend users to set Windows Update in Install updates automatically mode. So the important patches get applied automatically.