Patch Tuesday Analysis for October 2010

Most of the 16 bulletins released this cycle are for Workstations as usual – but not all. On MS10-073 attention should be given first to XP workstations. All other supported versions do not have an attack vector at present. Running ASP.NET web sites – especially hosting other peoples websites? Don’t miss MS10-077. A custom ASP.NET page could allow someone to break out of their “sandbox” and attack the server.

Bulletin	Exploit Types /Technologies Affected	System Types Affected	Exploit details public? / Being exploited?	Comprehensive, practical workaround available?	MS severity rating	Products Affected	Notes	Randy's recommendation
MS10-077 2160841	Arbitrary code / .Net Framework	Workstations Terminal Servers Web Hosting Servers	No/No	No	Critical	XP Vista Server 2003 Server 2008 Server 2008 R2 Windows 7		Patch web hosting servers after accellerated testing. Patch others after normal testing.
MS10-085 2207566	Denial of service / Windows	Web Servers	No/No	No	Important	Vista Server 2008 Server 2008 R2 Windows 7	Restart Req'd	Patch after testing
MS10-078 2279986	Privilege elevation / Windows	Workstations Terminal Servers	No/No	No	Important	XP Server 2003	Third party browsers also affected	Patch after testing
MS10-075 2281679	Arbitrary code / Windows Media Player	Workstations	No/No	Yes	Critical	Vista Windows 7		Patch after testing
MS10-079 2293194	Arbitrary code / Office Word	Workstations Terminal Servers	No/No	No	Important	Office 2003 Office 2007 Word Viewer Office 2004 for Mac Office 2008 for Mac Office Converter Pack Office 2002 Open XML Converter for MAC Web Apps Office 2010	11 vulnerabilities	Patch after testing
MS10-080 2293211	Arbitrary code / Microsoft Office	Workstations Terminal Servers	No/No	No	Important	Office 2003 Office 2007 Office 2004 for Mac Office 2008 for Mac Comp. Pack for Office 2007 Excel Viewer Office 2002 Open XML Converter for MAC	13 vulnerabilities	Patch after testing
MS10-086 2294255	Tampering / Windows	Servers	No/No	Yes	Moderate	Win2008 R2	Restart Req'd	Patch after testing
MS10-081 2296011	Arbitrary code / Windows	Workstations Terminal Servers	No/No	No	Important	XP Vista Server 2003 Server 2008 Server 2008 R2 Windows 7		Patch after testing
MS10-071 2360131	Arbitrary code / Internet Explorer	Workstations Terminal Servers	Yes/No	No	Critical	XP Vista Server 2003 Server 2008 Server 2008 R2 Windows 7	Cumulative Update; Restart Req'd	Patch after testing
MS10-084 2360937	Privilege elevation / Windows	Workstations Terminal Servers	Yes/No	No	Important	XP Server 2003	Restart Req'd	Patch after testing
MS10-082 2378111	Arbitrary code / Windows Media Player	Workstations Terminal Servers	No/No	Yes	Important	XP Vista Server 2003 Server 2008 Server 2008 R2 Windows 7		Patch after testing
MS10-074 2387149	Arbitrary code / Windows	Workstations Terminal Servers	Yes/No	No	Moderate	XP Vista Server 2003 Server 2008 Server 2008 R2 Windows 7		Patch after testing
MS10-083 2405882	Arbitrary code / Windows	Workstations Terminal Servers	No/No	No	Important	XP Vista Server 2003 Server 2008 Server 2008 R2 Windows 7	Restart Req'd	Patch after testing
MS10-072 2412048	Information disclosure / SafeHTML	Workstations Terminal Servers	Yes/No	No	Important	SharePoint Services 3.0 SharePoint Foundation 2010 SharePoint Server 2007 Groove Server 2010 Web Apps		Patch after testing
MS10-073 981957	Privilege elevation / Windows	Workstations Terminal Servers	Yes/Yes	No	Important	XP Vista Server 2003 Server 2008 Server 2008 R2 Windows 7	Restart Req'd	Patch after testing
MS10-076 982132	Arbitrary code / EOT Font Engine	Workstations Terminal Servers	No/No	Yes	Critical	XP Vista Server 2003 Server 2008 Server 2008 R2 Windows 7		Patch after testing

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime.

"Thank you. I am very glad I subscribed to this newsletter. Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

- Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Tuesday Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.

Upcoming Webinars

Additional Resources

Patch Analysis

•	Analysis Criteria
•	Patch Tuesday History
•	Research Patches

Follow @randyfsmith

About | Newsletter | Contact

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2013 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk.