Microsoft Security Bulletin Release: February 2010
Today we have released 13 new security bulletins. Please see the details below for more details of the updates and make sure you apply them to your environments where necessary.
| Bulletin ID | Bulletin Title | Max Severity Rating | Vulnerability Impact | Restart Requirement | Affected Software |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
|
|
|
| ||
|
|
|
|
|
| |
|
|
|
|
|
| |
If you would like a summary of the bulletins please go here.
Microsoft Windows Malicious Software Removal Tool
We are also releasing a new version of the Windows Malicious Software Removal Tool. You can get more details here.
New Security Advisory
Also as part of this month’s security bulletin we are releasing a new security advisory. More details below.
Identifier |
Vulnerability in TLS/SSL Could Allow Spoofing (977377) |
Summary |
Microsoft is investigating public reports of a vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols . At this time, Microsoft is not aware of any attacks attempting to exploit the reported vulnerability. As an issue affecting an Internet standard, we recognize that this issue affects multiple vendors. We are working on a coordinated response with our partners in the Internet Consortium for Advancement of Security on the Internet (ICASI). The TLS and SSL protocols are implemented in several Microsoft products, both client and server, and this advisory will be updated as our investigation continues. As part of this security advisory, Microsoft is making available a workaround which enables system administrators to disable TLS and SSL renegotiation functionality. However, as renegotiation is required functionality for some applications, this workaround is not intended for wide implementation and should be tested extensively prior to implementation. Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, depending on customer needs. |
Affected Software |
|
Recommendations |
Review Microsoft Security Advisory 977377 for an overview of the issue, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQs), and links to additional resources. |
Additional Resources |
|
Technorati Tags: Security Bulletins,Update,Patching
Jeffa