Public Safety Canada
Symbol of the Government of Canada
Skip to content | Skip to institutional links

Common menu bar links | Liens de navigation communs

Skip Navigation Links Home > Programs > Response > CCIRC > Analytical releases 2010 > AV10-029: Microsoft Security Bulletin Summary for August 2010

Institutional links

Microsoft Security Bulletin Summary for August 2010

Number: AV10-029
Date: 10 August 2010

Purpose

The purpose of this advisory is to bring attention to the monthly Microsoft security bulletin which addresses 14 vulnerabilities and of those, 8 are considered critical.

Assessment

Microsoft has released the following security bulletins:

MS10-047 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (981852)
Details: The security update addresses the vulnerabilities by correcting Windows kernel object initialization and validation of access control lists and by introducing additional runtime validation to the thread creation mechanism.
Impact of Vulnerability: Elevation of Privilege
Maximum Severity Rating: Important
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Microsoft Windows XP, Vista, Server 2008, Windows 7, Server 2008 R2.
CVE reference: CVE-2010-1888, CVE-2010-1889, CVE-2010-1890
http://www.microsoft.com/technet/security/bulletin/MS10-047.mspx

MS10-048 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329)
Details: This security update resolves one publicly disclosed and four privately reported vulnerabilities in the Windows kernel-mode drivers. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
Impact of Vulnerability: Elevation of Privilege
Maximum Severity Rating: Important
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7, Server 2008 R2.
CVE reference: CVE-2010-1887, CVE-2010-1894, CVE-2010-1895, CVE-2010-1896, CVE-2010-1897
http://www.microsoft.com/technet/security/bulletin/MS10-048.mspx

MS10-049 - Vulnerabilities in SChannel Could Allow Remote Code Execution (980436)
Details: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted Web site that is designed to exploit these vulnerabilities through an Internet Web browser.
Impact of Vulnerability: Remote Code Execution 
Maximum Severity Rating: Critical
Maximum Exploitability Index: 2 - Inconsistent exploit code likely
Affected Products: Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7, Server 2008 R2.
CVE reference: CVE-2009-3555, CVE-2010-2566
http://www.microsoft.com/technet/security/bulletin/MS10-049.mspx

MS10-050 - Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (981997)
Details: This security update resolves a privately reported vulnerability in Windows Movie Maker. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Impact of Vulnerability: Remote Code Execution 
Maximum Severity Rating: Important
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products:  Movie Maker 2.1, Movie Maker 6.0
CVE reference: CVE-2010-2564
http://www.microsoft.com/technet/security/bulletin/MS10-050.mspx

MS10-051 - Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403)
Details: This security update resolves a privately reported vulnerability in Microsoft XML Core Services. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer.
Impact of Vulnerability: Remote Code Execution 
Maximum Severity Rating: Critical
Maximum Exploitability Index: 2 - Inconsistent exploit code likely
Affected Products: Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7, Server 2008 R2.
CVE reference: CVE-2010-2561
http://www.microsoft.com/technet/security/bulletin/MS10-051.mspx

MS10-052 - Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (2115168)
Details: This security update resolves a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
Impact of Vulnerability: Remote Code Execution 
Maximum Severity Rating: Critical
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Microsoft Windows XP, Server 2003.
CVE reference: CVE-2010-1882
http://www.microsoft.com/technet/security/bulletin/MS10-052.mspx

MS10-053 - Cumulative Security Update for Internet Explorer (2183461)
Details: This security update resolves six privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer.
Impact of Vulnerability: Remote Code Execution 
Maximum Severity Rating: Critical
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Internet Explorer 6, 7, and 8.
CVE reference: CVE-2010-1258, CVE-2010-2556, CVE-2010-2557, CVE-2010-2558, CVE-2010-2559, CVE-2010-2560
http://www.microsoft.com/technet/security/bulletin/MS10-053.mspx

MS10-054 - Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214)
Details: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system.
Impact of Vulnerability: Remote Code Execution 
Maximum Severity Rating: Critical
Maximum Exploitability Index: 2 - Inconsistent exploit code likely
Affected Products: Microsoft Windows XP, Server 2003, Vista, Server 2008, Windows 7, Server 2008 R2.
CVE reference: CVE-2010-2550, CVE-2010-2551, CVE-2010-2552
http://www.microsoft.com/technet/security/bulletin/MS10-054.mspx

MS10-055 - Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665)
Details: This security update resolves a privately reported vulnerability in Cinepak Codec. The vulnerability could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
Impact of Vulnerability: Remote Code Execution 
Maximum Severity Rating: Critical
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Microsoft Windows XP, Vista, Windows 7.
CVE reference: CVE-2010-2553
http://www.microsoft.com/technet/security/bulletin/MS10-055.mspx

MS10-056 - Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638)
Details: This security update resolves four privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens or previews a specially crafted RTF e-mail message. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user.
Impact of Vulnerability: Remote Code Execution 
Maximum Severity Rating: Critical
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Microsoft Office Word 2002 SP3, Word 2003 SP3, Word 2007 SP2, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Word Viewer, Office Compatibility Pack for Word, Excel and PowerPoint 2007 File Formats SP2, Microsoft Works 9.
CVE reference: CVE-2010-1900, CVE-2010-1901, CVE-2010-1902, CVE-2010-1903
http://www.microsoft.com/technet/security/bulletin/MS10-056.mspx

MS10-057 - Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707)
Details: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
Impact of Vulnerability: Remote Code Execution 
Maximum Severity Rating: Important
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Microsoft Office Excel 2002 SP3, Office Excel 2003 SP3, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac
CVE reference: CVE-2010-2562
http://www.microsoft.com/technet/security/bulletin/MS10-057.mspx

MS10-058 - Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886)
Details: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege due to an error in the processing of a specific input buffer. An attacker who is able to log on to the target system could exploit this vulnerability and run arbitrary code with system-level privileges.
Impact of Vulnerability: Elevation of Privilege
Maximum Severity Rating: Important
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2.
CVE reference: CVE-2010-1892, CVE-2010-1893
http://www.microsoft.com/technet/security/bulletin/MS10-058.mspx

MS10-059 - Vulnerabilities in the Tracing Feature for Services Could Allow an Elevation of Privilege (982799)
Details: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in the Tracing Feature for Services. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Impact of Vulnerability: Elevation of Privilege
Maximum Severity Rating: Important
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2.
CVE reference: CVE-2010-2554, CVE-2010-2555
http://www.microsoft.com/technet/security/bulletin/MS10-059.mspx

MS10-060 - Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)
Details: This security update resolves two privately reported vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications, or if an attacker succeeds in convincing a user to run a specially crafted Microsoft .NET application.
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Maximum Exploitability Index: 1 - Consistent exploit code likely
Affected Products: Microsoft .NET Framework 2.0 and 2.0 SP2, .NET Framework 3.5 and 3.5 SP1, .NET Framework 3.5.1, Silverlight 2 and 3.
CVE reference: CVE-2010-0019, CVE-2010-1898
http://www.microsoft.com/technet/security/bulletin/MS10-060.mspx

Suggested action

CCIRC recommends that administrators test and deploy these updates at the earliest opportunity.

References:
http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx

Note to Readers

The Canadian Cyber Incident Response Centre (CCIRC) provides a focal point for Canada's cyber threat and vulnerability warning, analysis and response. CCIRC is responsible for assuring the resilience of national critical infrastructure through monitoring threats and coordinating a federal response to cyber security incidents of national interest. CCIRC operates in conjunction with the Government Operations Centre (GOC) within Public Safety Canada and is a key component of the government's all-hazards approach to emergency management and national security.

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: communications@ps-sp.gc.ca

Date Modified: 2010-08-10
Top of Page
Top of Page
Important Notices