Security Response

Microsoft Patch Tuesday - June 2010

Created: 08 Jun 2010 19:35:22 GMT • Updated: 23 Jan 2014 18:27:06 GMT
Robert Keith

Hello and welcome to this month’s blog on the Microsoft patch releases. This is a fairly busy month—the vendor is releasing 10 bulletins covering a total of 34 vulnerabilities.

Six of the issues are rated “Critical” and affect Data Analyzer ActiveX, Internet Explorer 8 Developer Tools, Internet Explorer, and Windows. All of the “Critical” issues are client-side and can result in remote code execution in the context of the currently logged-in user if an attacker can trick an unsuspecting victim into performing some action. There are also a record number of issues affecting Excel, with 14 vulnerabilities being discovered in that program, 13 of which allow remote code execution.

As always, customers are advised to follow these security best practices:

- Install vendor patches as soon as they are available.
- Run all software with the least privileges required while still maintaining functionality.
- Avoid handling files from unknown or questionable sources.
- Never visit sites of unknown or questionable integrity.
- Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft’s summary of the June releases can be found here:
http://www.microsoft.com/technet/security/bulletin/ms10-jun.mspx

The following is a breakdown of some of the more notable issues this month:

1. MS10-035 Cumulative Security Update for Internet Explorer (982381)

CVE-2010-1259 (BID 40410) Microsoft Internet Explorer Uninitialized Memory Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Internet Explorer because of how it handles an object that has not been properly initialized or has been deleted. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

CVE-2010-1262 (BID 40417) Microsoft Internet Explorer Uninitialized Memory (CVE-2010-1262) Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Internet Explorer because of how it handles an object that has not been properly initialized or has been deleted. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

2. MS10-033 Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)

CVE-2010-1879 (BID 40432) Microsoft Windows Media Decompression Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Microsoft Windows due to how it handles compression data in media files. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially crafted file or into viewing specially crafted streaming content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

CVE-2010-1880 (BID 40464) Microsoft Windows Media Decompression Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Microsoft Windows due to how it handles compression data in media files. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially crafted file or into viewing specially crafted streaming content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

3. MS10-034 Cumulative Security Update of ActiveX Kill Bits (980195)

CVE-2010-0252 (BID 38045) Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects the Microsoft Data Analyzer ActiveX control. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious web page. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

CVE-2010-0811 (BID 40490) Microsoft Internet Explorer 8 Developer Tools Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects the Microsoft Internet Explorer 8 Developer Tools. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious web page. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

4. MS10-040 Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)

CVE-2010-1256 (BID 40573) Microsoft IIS Authentication Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Internet Information Services (IIS) when it parses authentication information while configured for ‘Extended Protection for Authentication’. An attacker can exploit this issue to execute arbitrary code with the privileges of the affected application. This may facilitate a complete compromise of the underlying computer.
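The first best practice above is to install vendor patches as soon as they are available; the natural follow-up is to verify that they actually landed. The following PowerShell script is an added example, not part of the original post, that checks a Windows host for the four bulletins broken down above using the KB numbers the post gives. It assumes the updates are reported by Get-HotFix (the Win32_QuickFixEngineering view), which holds for OS-level updates on Vista/7/2008-era systems but may not for every installer path on older platforms.

```powershell
# Added example (not from the original post): confirm whether the June 2010
# bulletins discussed above are installed on this host.
# Assumption: each update is visible through Get-HotFix by its KB number.
$bulletins = @{
    'MS10-035' = 'KB982381'   # Cumulative Security Update for Internet Explorer
    'MS10-033' = 'KB979902'   # Media Decompression
    'MS10-034' = 'KB980195'   # Cumulative Security Update of ActiveX Kill Bits
    'MS10-040' = 'KB982666'   # IIS Extended Protection for Authentication
}

# Collect the IDs of every installed hotfix once, then test membership.
$installed = Get-HotFix | Select-Object -ExpandProperty HotFixID

$report = foreach ($entry in $bulletins.GetEnumerator()) {
    [pscustomobject]@{
        Bulletin  = $entry.Key
        KB        = $entry.Value
        Installed = ($installed -contains $entry.Value)
    }
}

$report | Sort-Object Bulletin | Format-Table -AutoSize

# Non-zero exit so the check can feed a scheduled compliance job.
$missing = $report | Where-Object { -not $_.Installed }
if ($missing) {
    $list = ($missing | ForEach-Object { "$($_.Bulletin) ($($_.KB))" }) -join ', '
    Write-Warning "Not installed: $list"
    exit 1
}
Write-Output 'All listed June 2010 bulletins are installed.'
```

A missing MS10-040 is expected on hosts that do not run IIS, since the update is not applicable there; treat that row as informational unless the machine is a web server. Run the script in an elevated session so Get-HotFix sees the full update history.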

More information on these and the other vulnerabilities being addressed this month is available at Symantec’s free SecurityFocus portal and to our customers through the DeepSight Threat Management System.