Video Screencast Help
Security Response

Microsoft Patch Tuesday - October 2010

Created: 12 Oct 2010 21:24:12 GMT • Updated: 23 Jan 2014 18:24:32 GMT • Translations available: 日本語
Robert Keith's picture
0 0 Votes
Login to vote

Hello and welcome to this month’s blog on the Microsoft patch releases. This is, by far, the largest Patch Tuesday release since the start of the program. The vendor is releasing 16 bulletins covering a total of 49 vulnerabilities, including one of the zero-day vulnerabilities used by the Stuxnet threat.

Five of the issues are rated “Critical” and affect Internet Explorer, Embedded OpenType Fonts, .NET, and Media Player. The majority of the issues being addressed this month affect Excel (13 issues), Office (11 issues), and Internet Explorer (10 issues). The remaining issues affect Windows kernel-mode drivers, SChannel, OpenType Fonts, Shared Cluster Disks, Common Control Library, Local Procedure Call (LPC), Microsoft Foundation Classes (MFC), Active Template Library, Sharepoint, and Groove.

 As always, customers are advised to follow these security best practices:
 
-     Install vendor patches as soon as they are available.
-     Run all software with the least privileges required while still maintaining functionality.
-     Avoid handling files from unknown or questionable sources.
-     Never visit sites of unknown or questionable integrity.
-     Block external access at the network perimeter to all key systems unless specific access is required.
 
Microsoft’s summary of the October releases can be found here:

http://www.microsoft.com/technet/security/bulletin/ms10-oct.mspx

The following is a breakdown of the some of the notable issues being addressed this month:

1. MS10-071 Cumulative Security Update for Internet Explorer (2360131)

CVE-2010-0808 (BID 43695) Microsoft Internet Explorer Auto-Complete Information Disclosure Vulnerability (MS Rating: Moderate / Symantec Rating: 6.7/10)

An information-disclosure vulnerability affects the AutoComplete feature of Internet Explorer. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a Web page containing malicious content. A successful exploit will result in the disclosure of potentially sensitive information.

CVE-2010-3243 (BID 43703) Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability (MS Rating: Important / Symantec Rating: 5.7/10)

A cross-site scripting issue affects the ‘toStaticHtml’ API of Internet Explorer. An attacker can exploit this issue to bypass intended security restrictions and execute arbitrary script code in the context of the currently logged-in user.

CVE-2010-3324 (BID 42467) (BID 42467) Internet Explorer 8 'toStaticHTML()' HTML Sanitization Bypass Weakness (MS Rating: Important / Symantec Rating: 5.7/10)

A previously public (August 16, 2010) cross-site-scripting issue affects the ‘toStaticHtml’ API of Internet Explorer. An attacker can exploit this issue to bypass intended security restrictions and execute arbitrary script code in the context of the currently logged-in user.

CVE-2010-3325 (BID 42993) Microsoft Internet Explorer CSS Handling Cross Domain Information Disclosure Vulnerability (MS Rating: Important / Symantec Rating: 5.7/10)

A cross-domain information-disclosure issue affects Internet Explorer when processing Cascading Style Sheet (CSS) special characters. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious Web page. A successful exploit will result in the disclosure of potentially sensitive content across domains.

CVE-2010-3326 (BID 43696) Microsoft Internet Explorer Uninitialized Memory Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Internet Explorer when it accesses an object that has not been properly initialized or has been deleted. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a Web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

CVE-2010-3327 (BID 43704) Microsoft Internet Explorer Anchor Element Information Disclosure Vulnerability (MS Rating: Moderate / Symantec Rating: 5.7/10)

An information-disclosure issue affects Internet Explorer because it improperly handles the ‘Anchor’ element. This may result in deleted data to not be deleted properly, potentially resulting in the disclosure of sensitive information.

CVE-2010-3328 (BID 43705) Microsoft Internet Explorer Uninitialized Memory Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Internet Explorer when it accesses an object that has not been properly initialized or has been deleted. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a Web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

CVE-2010-3329 (BID 43706) Microsoft Internet Explorer Uninitialized Memory Word Document Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Internet Explorer when it accesses an object that has not been properly initialized or has been deleted. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a Web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

CVE-2010-3330 (BID 43709) Microsoft Internet Explorer Cross Domain Information Disclosure Vulnerability (MS Rating: Important / Symantec Rating: 5.7/10)

A cross-domain information-disclosure issue affects Internet Explorer when processing Cascading Style Sheet (CSS) data. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious Web page. A successful exploit will result in the disclosure of potentially sensitive content across domains.

CVE-2010-3331 (BID 43707) Microsoft Internet Explorer Uninitialized Memory Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects Internet Explorer when it accesses an object that has not been properly initialized or has been deleted. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a Web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

2. MS10-076 Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)

CVE-2010-1883 (BID 43775) Microsoft Windows Embedded OpenType Font Engine Integer Overflow Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)

A remote code-execution vulnerability affects the Windows Embedded OpenType Font technology when parsing certain tables in embedded fonts. An attacker can exploit this issue by tricking an unsuspecting victim into viewing an email attachment or Web page containing embedded fonts. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

3. MS10-079 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)

Microsoft is addressing 11 remote code-execution vulnerabilities in Word. An attacker can exploit these issues by tricking an unsuspecting victim into opening a malicious Word file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

CVE-2010-2747 (BID 43754) Microsoft Word Uninitialized Pointer Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-2748 (BID 43765) Microsoft Word Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-2750 (BID 43766) Microsoft Word Index Value Handling Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3214 (BID 43760) Microsoft Word Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3215 (BID 43767) Microsoft Word Return Value Handling Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3216 (BID 43769) Microsoft Word Bookmark Handling Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3217 (BID 43770) Microsoft Word Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3218 (BID 43771) Microsoft Word Malformed Record Value Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3219 (BID 43782) Microsoft Word Index Value Parsing Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3220 (BID 43783) Microsoft Word Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3221 (BID 43784) Microsoft Word Record Value Parsing Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

4. MS10-080 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)

Microsoft is addressing 13 remote code execution vulnerabilities in Excel. An attacker can exploit these issues by tricking an unsuspecting victim into opening a malicious Excel file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

CVE-2010-3230 (BID 43643) Microsoft Excel Record Parsing (CVE-2010-3230) Integer Overflow Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3231 (BID 43647) Microsoft Excel Record Parsing Remote Memory Corruption Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3232 (BID 43646) Microsoft Excel Record Format Parsing Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3233 (BID 43644) Microsoft Excel Lotus 1-2-3 Workbook Parsing Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3234 (BID 43649) Microsoft Excel Formula Substream Memory Corruption Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3235 (BID 43650) Microsoft Excel BIFF Record Parsing Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3236 (BID 43651) Microsoft Excel Out of Bounds Array Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3237 (BID 43652) Microsoft Excel Merge Cell Record Pointer Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3238 (BID 43653) Microsoft Excel Negative Future Function Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3239 (BID 43654) Microsoft Excel Record Validation Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3240 (BID 43655) Microsoft Excel Record Validation Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3241 (BID 43656) Microsoft Excel Out-of-Bounds Memory Write Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

CVE-2010-3242 (BID 43657) Microsoft Excel Ghost Record Type Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10)

5. MS10-082 Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)

CVE-2010-2745 (BID 43772) Microsoft Windows Media Player Remote Code Execution Vulnerability (MS Rating: Important / Symantec Rating: 7.1/10) A remote code-execution vulnerability affects Media Player because it improperly deallocates objects during a reload operating in a Web browser. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a Web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

6. MS10-075 Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)

CVE-2010-3225 (BID 43776) Windows Media Player Network Sharing Service RTSP Use After Free Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.8/10)

A remote code-execution vulnerability affects Windows Media Player Network sharing service when processing Real Time Streaming Protocol (RTSP) packets. An attacker can exploit this issue by sending a specially crafted RTSP packet to a vulnerable computer. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the Network Service account.

More information on these and the other vulnerabilities being addressed this month is available at Symantec’s free SecurityFocus portal and to our customers through the DeepSight Threat Management System.