September 2010 - Posts

Language(s): English.
Product(s): Security.
Audience(s): IT Decision Maker, IT Generalist.

Duration: 90 Minutes
Start Date: Tuesday, September 28, 2010 1:00 PM Pacific Time (US & Canada)

Event Overview

Microsoft is releasing an Out-of-Band Security bulletin which addresses a security vulnerability in all supported editions of Windows.  Please join us Tuesday, September 28 at 1:00 p.m. PDT (UTC -8) for a public webcast where we will present information on the bulletin and take customer questions.

Presenters: Dave Forstrom, Director, Response Communications, and Dustin Childs, Senior Security Manager

Register Online

Posted Tue, Sep 28 2010 14:02 by Don

Note: There may be latency issues due to replication; if the page does not display, keep refreshing.

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»www.microsoft.com/technet/securi···sep.mspx

Important (1)

Microsoft Security Bulletin MS10-070
Vulnerability in ASP.NET Could Allow Information Disclosure (2418042)
»www.microsoft.com/technet/securi···070.mspx

Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above-listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

As always, download the updates only from the vendor's website: visit the Windows Update, Office Update or Microsoft Update websites. You may also get the updates through the Automatic Updates functionality in Windows.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

Summary

A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.

Adobe recommends users of Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.1.85.3, and users of Adobe Flash Player 10.1.92.10 for Android update to Adobe Flash Player 10.1.95.1.

Affected software versions

Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.92.10 for Android.

To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.

Solution

Adobe recommends all users of Adobe Flash Player 10.1.53.64 and earlier versions upgrade to the newest version 10.1.82.76 by downloading it from the Adobe Flash Player Download Center or by installing it via the auto-update mechanism within the product when prompted.

Security Bulletin

The Mozilla Foundation has released Firefox 3.5.13 and 3.6.10 to address a stability issue affecting some users.

Review the release notes for Firefox 3.5.13 and Firefox 3.6.10

Posted Fri, Sep 17 2010 10:20 by Don

Google has released Chrome 6.0.472.59 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

http://www.us-cert.gov/current/index.html#google_releases_chrome_6_01

Language(s): English.
Product(s): Security.
Audience(s): IT Decision Maker, IT Generalist.
Duration: 90 Minutes
Start Date: Wednesday, September 15, 2010 11:00 AM Pacific Time (US & Canada)

Event Overview

Join us for a brief overview of the technical details of the September security bulletins. We intend to address your concerns in this webcast; therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation

Register Online

Posted Tue, Sep 14 2010 14:19 by Don

Note: There may be latency issues due to replication; if the page does not display, keep refreshing.

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»www.microsoft.com/technet/securi···sep.mspx

Critical (4)

Microsoft Security Bulletin MS10-061
Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290)
»www.microsoft.com/technet/securi···061.mspx

Microsoft Security Bulletin MS10-062
Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution (975558)
»www.microsoft.com/technet/securi···062.mspx

Microsoft Security Bulletin MS10-063
Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2320113)
»www.microsoft.com/technet/securi···063.mspx

Microsoft Security Bulletin MS10-064
Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2315011)
»www.microsoft.com/technet/securi···064.mspx

Important (5)

Microsoft Security Bulletin MS10-065
Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution (2267960)
»www.microsoft.com/technet/securi···065.mspx

Microsoft Security Bulletin MS10-066
Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (982802)
»www.microsoft.com/technet/securi···066.mspx

Microsoft Security Bulletin MS10-067
Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2259922)
»www.microsoft.com/technet/securi···067.mspx

Microsoft Security Bulletin MS10-068
Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege (983539)
»www.microsoft.com/technet/securi···068.mspx

Microsoft Security Bulletin MS10-069
Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege (2121546)
»www.microsoft.com/technet/securi···069.mspx

Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above-listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

As always, download the updates only from the vendor's website: visit the Windows Update, Office Update or Microsoft Update websites. You may also get the updates through the Automatic Updates functionality in Windows.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

Microsoft Security Bulletin Advance Notification issued: September 9, 2010

This is an advance notification of security bulletins that Microsoft is intending to release on September 14, 2010.

Microsoft is planning to release 9 security bulletins:

4 rated Critical and 5 rated as Important.

http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx

Summary

A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.

Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.

Affected software versions

Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh.

Severity rating

Adobe categorizes this as a critical issue.

Details

A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of public exploit code for this vulnerability.

Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.

Adobe actively shares information about this and other vulnerabilities with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available. As always, Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date.

Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed here: http://blogs.adobe.com/psirt/atom.xml.

Full Advisory