Microsoft Security Updates March 2010
Microsoft released security patches yesterday for Windows and Office products on the monthly Patch Tuesday which is always on the second Tuesday of each month.
A total of three security bulletins have been released by Microsoft that patch flaws in Microsoft Excel, Windows Movie Maker and Microsoft Producer 2003.
The severity of both security bulletins has been rated as important which means that at least one program has received the severity rating while others may have received the same, a lesser one or none at all. Attackers can exploit the issues for remote code execution.
The security updates are offered through the usual channels including Windows Update, Microsoft Update or directly from Microsoft's Download Center website.
- MS10-016 - Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561) - This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- MS10-017 - Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150) - This security update resolves seven privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- MS10-018 - Cumulative Security Update for Internet Explorer (980182) -Â This security update resolves nine privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Users who have Microsoft Excel, Microsoft Producer 2003 or Windows Movie Maker installed should install the security patches right away to protect their computer system from exploits that target those vulnerabilities.
I had two on my 64 bit and none on my 32 bit except for the malicious software tool – probably because I don’t have the software mentioned.
Security Update for Windows 7 for x64-based Systems (KB975561)
Update for Windows 7 for x64-based Systems (KB976264)
At least I detected them yesterday.
Again thank you so much for this (monthly) very helpful guide.