Microsoft Security Bulletin Release: April 2010
This month we 11 security bulletin releases for newly discovered vulnerabilities. Please see the details below for all the information.
| Bulletin ID | Bulletin Title | Max Severity Rating | Vulnerability Impact | Restart Requirement | Affected Software |
| Vulnerabilities in Windows Could Allow Remote Code Execution (981210) | Critical | Remote Code Execution | Requires restart | Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. | |
| Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232) | Critical | Remote Code Execution | Requires restart | Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. | |
| Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) | Important | Elevation of Privilege | Requires restart | Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. | |
| Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169) | Important | Remote Code Execution | May require restart | Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. | |
| Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160) | Important | Remote Code Execution | May require restart | Microsoft Office Publisher 2002, Publisher 2003, and Publisher 2007 | |
| Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) | Important | Denial of Service | Requires restart | Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Exchange 2000 Server SP3, Exchange Server 2003 SP2, Exchange Server 2007, and Exchange Server 2010. | |
| Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) | Critical | Remote Code Execution | Requires restart | Microsoft Windows 2000 Server | |
| Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816) | Critical | Remote Code Execution | May require restart | Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. | |
| Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402) | Critical | Remote Code Execution | May require restart | Microsoft Windows 2000 and Windows XP. | |
| Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094) | Important | Remote Code Execution | May require restart | Microsoft Office Visio 2002, Visio 2003, and Visio 2007 | |
| Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338) | Moderate | Spoofing | Requires restart | Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. | |
Microsoft Windows Malicious Software Removal Tool
We are also releasing an updated version of the Windows Malicious Software Removal Tool on Windows Update, Windows Server Update Services and the Download Centre. More details can be found here.
I’ve said this many times on this blog and in many presentations I’ve done over the years. Keep you systems up to date and you will minimize vulnerabilities in those systems. The reason I post these security bulletins every month is to remind people of that fact. Just the other day I heard of customer who hadn’t updated the virus definitions since 2008! No wonder people have issues! Patching is important and should be something you have in you PC and server maintenance schedule. It just has to be done. That’s all!
Technorati Tags: Patching,WSUS,Updates,Security Bulletins
Jeffa