Welcome to Smokey's Security Forums.
Guests have only limited access to the board and it's features, please consider registering to gain full access!
Registration is free and it only takes a few moments to complete.

Smokey's Security Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

It’s a slow month for Microsoft, as far as patch releases go.
Microsoft Patches 8 Vulnerabilities in Windows and Office.
Windows 7 is not affected in the default configuration.

Microsoft Patches 8 Vulnerabilities in Windows and Office

OTL Log Analysis and Malware Removal - Qualified PC Disinfection & Cleaning - Microsoft Security Info & Alert Center - Official Jetico Inc. Support Forums

Share this topic on FacebookShare this topic on MySpaceShare this topic on Del.icio.usShare this topic on DiggShare this topic on RedditShare this topic on StumbleUponShare this topic on TwitterAuthorTopic: Bulletin MS10-002 Released  (Read 115 times)

0 Members and 1 Guest are viewing this topic.

GilbertTopic starter

  • Updates Moderator
  • *
  • Offline Offline
  • location: Arctic
  • Posts: 5867
Bulletin MS10-002 Released
« Reply #1 on: January 21, 2010, 08:00:33 PM »
Bulletin MS10-002 Released
21 January 2010, 6:30 pm

Hello,

Today we released Security Bulletin MS10-002 out-of-band to address vulnerabilities in Internet Explorer. All customers using currently supported versions of Windows and Internet Explorer should apply this update as soon as possible. Once applied, customers are protected against the known attacks that have been widely publicized. For customers using automatic updates, this update will automatically be applied once it is released.

I also wanted to clarify some information that we included in our update to Security Advisory 979352 yesterday. We let customers know that there are other applications that may use mshtml.dll as a rendering engine and if those applications allow active scripting, they can be used as an attack vector. Customers who install today’s update are NOT vulnerable and are protected from all known attack vectors. These applications are NOT vulnerable and no security updates are needed for them. Installing today’s Internet Explorer update addresses the vulnerability across all applications.

As we noted in our blog post yesterday, this Internet Explorer security update was already planned for release in February. When the attack discussed in Security Advisory 979352 was first brought to our attention on Jan 11, we quickly released an advisory for customers two days later. As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September.

For a detailed review of today’s bulletin, please join Adrian Stone and I today for a live webcast where we will try to answer your questions in real time. Registration information:

Date: Thursday Jan 21    

Time: 1:00 p.m. PST (UTC -8)    

Registration: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032440627

Hope to see you there!

Jerry Bryant

 

*This posting is provided "AS IS" with no warranties, and confers no rights.*



Source: The Microsoft Security Response Center (MSRC)

>> To obtain the full Microsoft Security Center - MSRC article, click the link in the first post line <<
 

* Permissions
You can't post new topics.
You can't post replies.
You can't post attachments.
You can't modify your posts.
 BBCode Enabled
Smilies Enabled
[img] Enabled
HTML Disabled


Except where otherwise stated, all content Copyright © 2006 - 2010 Smokey Services™ -- All rights reserved

Surf Smokey's with confidence: all external links in posts are checked and rated by WOT - Web of Trust
Security Knowledge-, Alert- & News Center and Comprehensive Microsoft Windows Information & Download Center
Board- and databases search functions and the download of post attachments are only available to registered board members

    


==>Think your PC is infected? Click here for OTL Log Analysis and Malware Removal Assistance<==


Smokey's Security Forums provide full qualified OTL Log Analysis & Cleaning Services
OTL (formerly OTListIt2) by OldTimer is a sophisticated, comprehensive log analysis tool to clean PCs with malicious content

Microsoft Security Info & Alert Center - most recent, real-time released Microsoft Security Bulletins, Alerts, Advisories and Vulnerabilities:
<div style="background-color: none transparent;"><a href="http://www.rsspump.com/?web_widget/rss_widget" title="rss widget">Rss widget</a></div>