what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Technical Cyber Security Alert 2010-131A

Technical Cyber Security Alert 2010-131A
Posted May 12, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-131A - Microsoft has released updates to address vulnerabilities in Microsoft Outlook Express, Microsoft Windows Mail, Microsoft Windows Live Mail, Microsoft Office, and Microsoft Visual Basic for Applications.

tags | advisory, vulnerability
systems | windows
SHA-256 | 734937a93aad140f993320ea92d9ed2ca13f36c93bab8370832391104cef175e

Technical Cyber Security Alert 2010-131A

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


National Cyber Alert System

Technical Cyber Security Alert TA10-131A


Microsoft Updates for Multiple Vulnerabilities

Original release date: May 11, 2010
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Outlook Express
* Microsoft Windows Mail
* Microsoft Windows Live Mail
* Microsoft Office
* Microsoft Visual Basic for Applications
* third-party software that uses Visual Basic for Applications


Overview

Microsoft has released updates to address vulnerabilities in
Microsoft Outlook Express, Microsoft Windows Mail, Microsoft
Windows Live Mail, Microsoft Office, and Microsoft Visual Basic for
Applications.


I. Description

Microsoft has released security bulletins for multiple
vulnerabilities in Microsoft Outlook Express, Microsoft Windows
Mail, Microsoft Windows Live Mail, Microsoft Office, and Microsoft
Visual Basic for Applications. These bulletins are described in the
Microsoft Security Bulletin Summary for May 2010.

Third-party software that distributes VBE6.DLL may also be
affected. If the third-party application follows the best practices
for using a shared component as a side-by-side assembly, then the
component will be updated by the update provided by MS10-031.
Otherwise, you should contact the vendor to obtain an updated
version of the application with the fixed VBE6.DLL file.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code or
cause a vulnerable application to crash.


III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for May 2010. The security
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. Administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS).


IV. References

* Microsoft Security Bulletin Summary for May 2010 -
<http://www.microsoft.com/technet/security/bulletin/ms10-may.mspx>

* Microsoft Security Bulletin MS10-031 - Critical -
<http://www.microsoft.com/technet/security/bulletin/ms10-031.mspx>

* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA10-131A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA10-131A Feedback VU#617092" in
the subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2010 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________

Revision History

May 11, 2010: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS+m0fz6pPKYJORa3AQI3NQf/RhDVC52OJXDRHyTEdRHRgIkaR1oIH2iC
StFdl15uF5Ym0eAqz6H8E7DxvG8gCnflPjvocyLC6dFfyV/k1E12HMou0tH0cfAZ
3DsjI77irngiN3tCN0vansmBnM5uiacveQRPP4thcjGy9BeVxzhsUar759pTt85e
6Mytazl54yINv71OftNpCdSJ++8J4k3l68rIUlXerdhdK5Z5N21TDlOdx33OwMcU
2FeseljNK7iDTlN133SPgwfL9DiipdGncjbIpoGnDt+/MRV7OFXA8U9SQP5DairD
uDtd96navz10+XADrGlhdbMr1w4kpKz4Z2I+Lxa+CIQvqcvav4+NEg==
=RAsv
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close