Microsoft yesterday released security patches for Windows and Office products on their monthly Patch Tuesday. A total of two security bulletins have been released by Microsoft that patch flaws in Microsoft Excel, Windows Movie Maker and Microsoft Producer 2003.
The severity of both security bulletins has been rated as important. Attackers can exploit the issues for remote code execution.
The security updates are offered through the usual channels including Windows Update, Microsoft Update or directly from Microsoft websites.
- MS10-016 – Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561) – This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- MS10-017 – Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150) – This security update resolves seven privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Users who have Microsoft Excel, Microsoft Producer 2003 or Windows Movie Maker installed should install the security patches right away to protect their computer system from exploits that target those vulnerabilities.
Related Articles:
Microsoft Security Updates May 2010Microsoft Security Updates June 2010
Microsoft Security Updates July 2010
Microsoft Security Updates April 2010
Microsoft Security Updates February 2010
Enjoyed the article?: Then sign-up for our free newsletter or RSS feed to kick off your day with the latest technology news and tips, or share the article with your friends and contacts on Facebook, Twitter or Google+ using the icons below.
Again thank you so much for this (monthly) very helpful guide.
I had two on my 64 bit and none on my 32 bit except for the malicious software tool – probably because I don’t have the software mentioned.
Security Update for Windows 7 for x64-based Systems (KB975561)
Update for Windows 7 for x64-based Systems (KB976264)
At least I detected them yesterday.