Patch Tuesday Analysis for October 2010

Most of the 16 bulletins released this cycle are for Workstations as usual – but not all. On MS10-073 attention should be given first to XP workstations. All other supported versions do not have an attack vector at present. Running ASP.NET web sites – especially hosting other peoples websites? Don’t miss MS10-077. A custom ASP.NET page could allow someone to break out of their “sandbox” and attack the server.

BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS10-077

2160841
Arbitrary code

/ .Net Framework
Workstations
Terminal Servers
Web Hosting Servers
No/NoNoCritical XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
 Patch web hosting servers after accellerated testing. Patch others after normal testing.
MS10-085

2207566
Denial of service

/ Windows
Web Servers
No/NoNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Restart Req'dPatch after testing
MS10-078

2279986
Privilege elevation

/ Windows
Workstations
Terminal Servers
No/NoNoImportant XP
Server 2003
Third party browsers also affectedPatch after testing
MS10-075

2281679
Arbitrary code

/ Windows Media Player
Workstations
No/NoYesCritical Vista
Windows 7
 Patch after testing
MS10-079

2293194
Arbitrary code

/ Office Word
Workstations
Terminal Servers
No/NoNoImportant Office 2003
Office 2007
Word Viewer
Office 2004 for Mac
Office 2008 for Mac
Office Converter Pack
Office 2002
Open XML Converter for MAC
Web Apps
Office 2010
11 vulnerabilitiesPatch after testing
MS10-080

2293211
Arbitrary code

/ Microsoft Office
Workstations
Terminal Servers
No/NoNoImportant Office 2003
Office 2007
Office 2004 for Mac
Office 2008 for Mac
Comp. Pack for Office 2007
Excel Viewer
Office 2002
Open XML Converter for MAC
13 vulnerabilitiesPatch after testing
MS10-086

2294255
Tampering

/ Windows
Servers
No/NoYesModerate Win2008 R2
Restart Req'dPatch after testing
MS10-081

2296011
Arbitrary code

/ Windows
Workstations
Terminal Servers
No/NoNoImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
 Patch after testing
MS10-071

2360131
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
Yes/NoNoCritical XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Cumulative Update; Restart Req'dPatch after testing
MS10-084

2360937
Privilege elevation

/ Windows
Workstations
Terminal Servers
Yes/NoNoImportant XP
Server 2003
Restart Req'dPatch after testing
MS10-082

2378111
Arbitrary code

/ Windows Media Player
Workstations
Terminal Servers
No/NoYesImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
 Patch after testing
MS10-074

2387149
Arbitrary code

/ Windows
Workstations
Terminal Servers
Yes/NoNoModerate XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
 Patch after testing
MS10-083

2405882
Arbitrary code

/ Windows
Workstations
Terminal Servers
No/NoNoImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Restart Req'dPatch after testing
MS10-072

2412048
Information disclosure

/ SafeHTML
Workstations
Terminal Servers
Yes/NoNoImportant SharePoint Services 3.0
SharePoint Foundation 2010
SharePoint Server 2007
Groove Server 2010
Web Apps
 Patch after testing
MS10-073

981957
Privilege elevation

/ Windows
Workstations
Terminal Servers
Yes/YesNoImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Restart Req'dPatch after testing
MS10-076

982132
Arbitrary code

/ EOT Font Engine
Workstations
Terminal Servers
No/NoYesCritical XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
 Patch after testing

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Tuesday Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.