Microsoft Security Bulletins Coverage (Sep 15, 2010)

SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of September 2010. A list of the issues reported, along with SonicWALL coverage information, follows:

MS10-061 Vulnerability in Print Spooler Service Could Allow Remote Code Execution

  • CVE-2010-2729 – Print Spooler Service Impersonation Vulnerability
    IPS 5686 MS Print Spooler Service Executable File Reception
    IPS 5691 MS Print Spooler Service Remote Code Execution PoC (MS10-061)

MS10-062 Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution

  • CVE-2010-0818 – MPEG-4 Codec Vulnerability
    IPS 5694 MS MPEG-4 Codec Remote Code Execution PoC (MS10-062)

MS10-063 Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution

  • CVE-2010-2738 – Uniscribe Font Parsing Engine Memory Corruption Vulnerability
    Note: There are no known public exploits targeting this vulnerability.

MS10-064 Vulnerability in Microsoft Outlook Could Allow Remote Code Execution

  • CVE-2010-2728 – Heap Based Buffer Overflow in Outlook Vulnerability
    SPY 1814 Malicious RTF File Download

MS10-065 Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution

  • CVE-2010-1899 – IIS Repeated Parameter Request Denial of Service Vulnerability
    Note: There is no way to differentiate malformed and legitimate traffic.
  • CVE-2010-2730 – Request Header Buffer Overflow Vulnerability
    IPS 5689 Excessive HTTP Request Headers Attempt
  • CVE-2010-2731 – Directory Authentication Bypass Vulnerability
    IPS 5687 MS IIS Directory Authentication Bypass Attempt

MS10-066 Vulnerability in Remote Procedure Call Could Allow Remote Code Execution

  • CVE-2010-2567 – RPC Memory Corruption Vulnerability
    Note: There is no way to differentiate malformed and legitimate traffic.

MS10-067 Vulnerability in WordPad Text Converters Could Allow Remote Code Execution

  • CVE-2010-2563 – WordPad Word 97 Text Converter Memory Corruption Vulnerability
    Note: There are no known public exploits targeting this vulnerability.

MS10-068 Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege

  • CVE-2010-0820 – LSASS Heap Overflow Vulnerability
    Note: There are no known public exploits targeting this vulnerability.

MS10-069 Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege

  • CVE-2010-1891 – CSRSS Local Elevation of Privilege Vulnerability
    Note: Local elevation of privilege