MSRC

2010

Update on Security Advisory 2269637

Tuesday, August 31, 2010

Hi everyone. Since we released Security Advisory 2269637 on August 23, we’ve continued to conduct an investigation not only into our own affected products, but also into how we can best help to protect customers given DLL preloading also affects some third-party applications. We’d like to provide an update on our investigation.

More information about the DLL Preloading remote attack vector

Monday, August 23, 2010

Today we released Security Advisory 2269637 notifying customers of a remote attack vector to a class of vulnerabilities affecting applications that load DLLs in an insecure manner. The root cause of this issue has been understood by developers for some time. However, last week researchers published a remote attack vector for these issues, whereas in the past, these issues were generally considered to be local and relatively low impact.

Microsoft Security Advisory 2269637 Released

Saturday, August 21, 2010

Overview: Today we released Microsoft Security Advisory 2269637. This is different from other Microsoft Security Advisories because it’s not talking about specific vulnerabilities in Microsoft products. Rather, this is our official guidance in response to security research that has outlined a new, remote vector for a well-known class of vulnerabilities, known as DLL preloading or “binary planting” attacks.

August 2010 Webcast and QA

Thursday, August 12, 2010

Hello. Today we published the Questions & Answers from the August 2010 Security Bulletin webcast. We answered a total of 17 questions concerning the March bulletins and open Security Advisories. No particular themes emerged from the questions, but there were some good ones, so please review them. The video covers the core part of the presentation Adrian Stone and I gave during the webcast.

Assessing the risk of the August security updates

Tuesday, August 10, 2010

Today we released fourteen security bulletins. Eight have a maximum severity rating of Critical with the other six having a maximum severity rating of Important. Furthermore, six of the fourteen bulletins either do not affect the latest version of our products or affect them with reduced severity. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.

August 2010 Security Bulletin Release

Tuesday, August 10, 2010

Hello all. As part of our usual cycle of monthly updates, today Microsoft is releasing 14 security bulletins, addressing 34 vulnerabilities. Eight of those bulletins have a Critical severity rating, and we consider four of those to be high-priority deployments: MS10-052: This bulletin resolves a privately reported vulnerability in Microsoft’s MPEG Layer-3 audio codecs.

MS10-048 an explanation of the Defense in Depth fixes

Tuesday, August 10, 2010

Today we released several fixes on MS10-048 affecting the win32k.sys kernel component. The most severe vulnerability allows a local user to perform an authenticated elevation of privileges, with no possible remote vector. This update also includes several “Defense in Depth” measures that correct potential integer overflows in unrealistic scenarios. In this blog post we are going to walk you through these vulnerabilities to help explain the technical reasoning behind the DiD rating.