Affected software includes several Microsoft operating systems and Microsoft Office, take a look at the listing below for additional details on every security bulletin released today.

• Microsoft Security Bulletin MS10-042 – Critical
  Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593) – This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message.
• Microsoft Security Bulletin MS10-043 – Critical
  Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276) – This security update resolves a publicly disclosed vulnerability in the Canonical Display Driver (cdd.dll). Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomization. In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.
• Microsoft Security Bulletin MS10-044 – Critical
  Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution – This security update resolves two privately reported vulnerabilities in Microsoft Office Access ActiveX Controls. The vulnerabilities could allow remote code execution if a user opened a specially crafted Office file or viewed a Web page that instantiated Access ActiveX controls. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• Microsoft Security Bulletin MS10-045 – Important
  Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212) – This security update resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opened an attachment in a specially crafted e-mail message using an affected version of Microsoft Office Outlook. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights

microsoft security updates

microsoft patch day deployment priority

Affected software:

• MS10-042 – Windows XP, Windows XP Pro 64-bit, Windows Server 2003, Windows Server 2003 64-bit
• MS10-043 – Windows 7 for x64-based Systems, Windows Server 2008 R2 for x64-based Systems
• MS10-044 – Microsoft Office 2003 , Microsoft Office 2007
• MS10-045 – Microsoft Office XP, Microsoft Office 2003, Microsoft Office 2007

All vulnerabilities allow remote code execution on compromised systems. Additional information about this months’ patches are available at the Technet blog post.

The updates are already available via Windows Update but can also be downloaded from the Microsoft website in case they need to be deployed on computer systems without Internet connection.

windows update

The severity rating differs depending on the operating system and software version installed. Three security bulletins have a maximum security rating of critical, the most severe one, while the remaining seven are all rated as important.

Vulnerabilities affect various Windows operating systems from Windows 2000 to Windows 7, Microsoft Office, Internet Explorer, Microsoft Server and the Microsoft .net Framework.

• MS10-033 – Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902) – This security update resolves two privately reported vulnerabilities in Microsoft Windows. These vulnerabilities could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS10-034 – Cumulative Security Update of ActiveX Kill Bits (980195) – This security update addresses two privately reported vulnerabilities for Microsoft software. This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Vista, and Windows 7, and Moderate for all supported editions of Windows Server 2003, Windows Server2008, and Windows Server 2008 R2.

  The vulnerabilities could allow remote code execution if a user views a specially crafted Web page that instantiates a specific ActiveX control with Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes kill bits for four third-party ActiveX controls.

• MS10-035 – Cumulative Security Update for Internet Explorer (982381) – This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS10-032 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559) –
  This security update resolves two publicly disclosed vulnerabilities and one privately reported vulnerability in the Windows kernel-mode drivers. The vulnerabilities could allow elevation of privilege if a user views content rendered in a specially crafted TrueType font.
• MS10-036 – Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235) – This security update resolves a privately reported vulnerability in COM validation in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel, Word, Visio, Publisher, or PowerPoint file with an affected version of Microsoft Office. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.
• MS10-037 – Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218) – This security update resolves a privately reported vulnerability in the Windows OpenType Compact Font Format (CFF) driver. The vulnerability could allow elevation of privilege if a user views content rendered in a specially crafted CFF font. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
• MS10-038 – Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452) – This security update resolves fourteen privately reported vulnerabilities in Microsoft Office. The more severe vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS10-039 – Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554) – This security update resolves one publicly disclosed and two privately reported vulnerabilities in Microsoft SharePoint. The most severe vulnerability could allow elevation of privilege if an attacker convinced a user of a targeted SharePoint site to click on a specially crafted link.
• MS10-040 – Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666) – This security update resolves a privately reported vulnerability in Internet Information Services (IIS). The vulnerability could allow remote code execution if a user received a specially crafted HTTP request. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
• MS10-041 – Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343) – This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow data tampering in signed XML content without being detected. In custom applications, the security impact depends on how the signed content is used in the specific application. Scenarios in which signed XML messages are transmitted over a secure channel (such as SSL) are not affected by this vulnerability.

It is advised to install the security patches immediately to protect the PC from exploits that are targeting unpatched computer systems. Additional information are provided by the Security Research & Defense team which offers additional information that are helpful for system administrators and advanced users.

Lastly there is the security bulletin overview which lists all relevant information.

Five of the updates have received a critical rating by Microsoft, the highest security rating. Seven were ranked as important which is the second highest rating and one as moderate. The security ratings can vary depending on the operating system and Office version used.

Microsoft Windows 7 users for instance will notice that the security updates have all received an important rating for their operating system while Windows 2000 or Windows XP users will notice that their operating systems have received the largest amount of critical ratings.

• Microsoft Security Bulletin MS10-006 – Critical – Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251) – his security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a malicious SMB server.
  This security update is rated Critical for Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows 7, and Windows Server 2008 R2, and is rated Important for Windows Vista and Windows Server 2008.
• Microsoft Security Bulletin MS10-007 – Critical – Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713) – This security update resolves a privately reported vulnerability in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not impacted by this security update. The vulnerability could allow remote code execution if an application, such as a Web browser, passes specially crafted data to the ShellExecute API function through the Windows Shell Handler.
  This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003
• Microsoft Security Bulletin MS10-008 – Critical – Cumulative Security Update of ActiveX Kill Bits (978262) – his security update addresses a privately reported vulnerability for Microsoft software. This security update is rated Critical for all supported editions of Microsoft Windows 2000 and Windows XP, Important for all supported editions of Windows Vista and Windows 7, Moderate for all supported editions of Windows Server 2003, and Low for all supported editions of Windows Server 2008 and Windows Server 2008 R2.
• Microsoft Security Bulletin MS10-009 – Critical – Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145) – his security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if specially crafted packets are sent to a computer with IPv6 enabled. An attacker could try to exploit the vulnerability by creating specially crafted ICMPv6 packets and sending the packets to a system with IPv6 enabled. This vulnerability may only be exploited if the attacker is on-link.
  This security update is rated Critical for Windows Vista and Windows Server 2008.
• Microsoft Security Bulletin MS10-013 – Critical – Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935) – This security update resolves a privately reported vulnerability in Microsoft DirectShow. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  This security update is rated Critical for all supported editions of Microsoft Windows except for all supported Itanium-based editions of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2, for which this security update is rated Important.
• Microsoft Security Bulletin MS10-003 – Important – Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214) – This security update resolves a privately reported vulnerability in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  This security update is rated Important for all supported editions of Microsoft Office XP and Microsoft Office 2004 for Mac.
• Microsoft Security Bulletin MS10-004 – Important – Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416) – This security update resolves six privately reported vulnerabilities in Microsoft Office PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  This security update is rated Important for supported editions of Microsoft Office PowerPoint 2002 and Microsoft Office PowerPoint 2003, and Microsoft Office 2004 for Mac
• Microsoft Security Bulletin MS10-010 – Important – Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894) – his security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a malformed sequence of machine instructions is run by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to log on locally into a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
  This security update is rated Important for all supported x64-based editions of Windows Server 2008 and Windows Server 2008 R2
• Microsoft Security Bulletin MS10-011 – Important – Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037) – This security update resolves a privately reported vulnerability in Microsoft Windows Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not affected. The vulnerability could allow elevation of privilege if an attacker logs on to the system and starts a specially crafted application designed to continue running after the attacker logs out. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.
  This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.
• Microsoft Security Bulletin MS10-012 – Important – Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468) – This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities.
  This security update is rated Important for all supported editions of Microsoft Windows.
• Microsoft Security Bulletin MS10-014 – Important – Vulnerability in Kerberos Could Allow Denial of Service (977290) – This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a specially crafted ticket renewal request is sent to the Windows Kerberos domain from an authenticated user on a trusted non-Windows Kerberos realm. The denial of service could persist until the domain controller is restarted.
  This security update is rated Important for all supported editions of Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008
• Microsoft Security Bulletin MS10-015 – Important – Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165) – his security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.
  This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 for 32-bit Systems.
• Microsoft Security Bulletin MS10-005 – Moderate – Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706) – This security update resolves a privately reported vulnerability in Microsoft Paint. The vulnerability could allow remote code execution if a user viewed a specially crafted JPEG image file using Microsoft Paint. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  This security update is rated Moderate for Microsoft Windows 2000, Windows XP, and Windows Server 2003

Updates can be downloaded and installed the usual ways. This includes through Windows Update, Microsoft Update, downloading the updates individually or downloading the security CD for February 2010 which will is provided by Microsoft after every patch day.

Microsoft Windows and Microsoft Office users are encouraged to update their computer systems as soon as possible to protect the PCs from possible exploits that could attack the systems successfully. The usual options to download the patches are provided including automatic updates, Windows updates, Microsoft update or manually by following the links posted in the different security bulletins.

• MS09-063 Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565) – This security update resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability.
• MS09-064 – Vulnerability in License Logging Server Could Allow Remote Code Execution (974783) – This security update resolves a privately reported vulnerability in Microsoft Windows 2000. The vulnerability could allow remote code execution if an attacker sent a specially crafted network message to a computer running the License Logging Server. An attacker who successfully exploited this vulnerability could take complete control of the system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter.
• MS09-065 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) – This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker’s site.
• MS09-066 – Vulnerability in Active Directory Could Allow Denial of Service (973309) – This security update resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS.
• MS09-067 – Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652) – This security update resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS09-068 – Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) – This security update resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Detailed information are available in the security bulletins linked above or at the security bulletin summary page here.

Microsoft has released the following security patches (with a link pointing to the security bulletin containing additional information, deployment guidelines and download opportunities):

• MS09-050 Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517) (Critical) – This security update resolves one publicly disclosed and two privately reported vulnerabilities in Server Message Block Version 2 (SMBv2). The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
• MS09-051 Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) (Critical) – This security update resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS09-052 Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112) (Critical) – This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if a specially crafted ASF file is played using Windows Media Player 6.4. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS09-054 Cumulative Security Update for Internet Explorer (974455) (Critical) – This security update resolves three privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS09-055 Cumulative Security Update of ActiveX Kill Bits (973525) (Critical) – This security update addresses a privately reported vulnerability that is common to multiple ActiveX controls and is currently being exploited. The vulnerability that affects ActiveX controls that were compiled using the vulnerable version of the Microsoft Active Template Library (ATL) could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS09-060 Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965) (Critical) – This security update resolves several privately reported vulnerabilities in ActiveX Controls for Microsoft that were compiled with a vulnerable version of Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS09-061 Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378) (Critical) – This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications, or if an attacker succeeds in persuading a user to run a specially crafted Microsoft .NET application. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and executing it, as could be the case in a Web hosting scenario. Microsoft .NET applications, Silverlight applications, XBAPs and ASP.NET pages that are not malicious are not at risk of being compromised because of this vulnerability.
• MS09-062 Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) (Critical)- This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS09-053 Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254) (Important) – This security update resolves two publicly disclosed vulnerabilities in the FTP Service in Microsoft Internet Information Services (IIS) 5.0, Microsoft Internet Information Services (IIS) 5.1, Microsoft Internet Information Services (IIS) 6.0, and Microsoft Internet Information Services (IIS) 7.0. On IIS 7.0, only FTP Service 6.0 is affected. The vulnerabilities could allow remote code execution (RCE) on systems running FTP Service on IIS 5.0, or denial of service (DoS) on systems running FTP Service on IIS 5.0, IIS 5.1, IIS 6.0 or IIS 7.0.
• MS09-056 Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571) (Important) – This security update resolves two publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow spoofing if an attacker gains access to the certificate used by the end user for authentication.
• MS09-057 Vulnerability in Indexing Service Could Allow Remote Code Execution (969059) – This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker set up a malicious Web page that invokes the Indexing Service through a call to its ActiveX component. This call could include a malicious URL and exploit the vulnerability, granting the attacker access to the client system with the privileges of the user browsing the Web page. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS09-058 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486) (Important) – This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logged on to the system and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit any of these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users.
• MS09-059 Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467) (Important) – This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sent a maliciously crafted packet during the NTLM authentication process.

Adobe will also release security patches later today for critical vulnerabilities in Acrobat Reader.

• Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)
• Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
• Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
• Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)
• Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
• Cumulative Security Update for Internet Explorer (963027)
• Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
• Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)

The easiest way to update is by visiting Windows Update or Microsoft Update. Please read our Windows Update Fix article if Windows Update is not working properly on your computer system. Alternatives are so called offline updates like Offline Update, Autopatcher or Update Windows Without Microsoft.

It is recommended to update the computer system as soon as possible to close the vulnerabilities.

The updates are available for pretty much every Windows operating system from Windows XP to Windows Server 2008. The easiest way to download the security updates is to use the official Windows Update server from Microsoft, Automatic Updates or direct downloads from the Microsoft Download Center.

Below are the names of the Microsoft Security Bulletin and the links to the Microsoft Security Bulletin website.

• Microsoft Security Bulletin MS08-052 – Critical – Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
• Microsoft Security Bulletin MS08-053 – Critical – Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
• Microsoft Security Bulletin MS08-054 – Critical – Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
• Microsoft Security Bulletin MS08-055 – Critical – Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)

The easiest way to obtain those updates would be to head over to Windows Updates and install them directly from there. This option is only valid if Internet Explorer is used to open the website.

Users who prefer to download the patches manually can head over to the Microsoft Download Center and download the patches from there for their operating system. The following is a list of the security updates that have been made available:

• Microsoft Security Bulletin MS08-041 – Critical – Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617)
• Microsoft Security Bulletin MS08-042 – Important – Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)
• Microsoft Security Bulletin MS08-043 – Critical – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)
• Microsoft Security Bulletin MS08-044 – Critical – Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)
• Microsoft Security Bulletin MS08-045 – Critical – Cumulative Security Update for Internet Explorer (953838)
• Microsoft Security Bulletin MS08-046 – Critical – Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
• Microsoft Security Bulletin MS08-047 – Important – Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)
• Microsoft Security Bulletin MS08-048 – Important – Security Update for Outlook Express and Windows Mail (951066)
• Microsoft Security Bulletin MS08-049 – Important – Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
• Microsoft Security Bulletin MS08-050 – Important – Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
• Microsoft Security Bulletin MS08-051 – Critical – Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785)

As you can see a wide variety of Microsoft software programs and operating systems is affected.

Here is the list of updates that have been released. The easiest way to update them is by simply visiting Windows Update. If you want more control about the update process I suggest you follow the links below or use the Autopatcher Updater to download and install the updates.

Bulletin: Microsoft Security Bulletin MS08-030 (Critical)
Description: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
Impact: Remote Code Execution

Bulletin: Microsoft Security Bulletin MS08-031 (Critical)
Description: Cumulative Security Update for Internet Explorer (950759)
Impact: Remote Code Execution

Bulletin: Microsoft Security Bulletin MS08-033 (Critical)
Description: Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
Impact: Remote Code Execution

Bulletin: Microsoft Security Bulletin MS08-034 (Important)
Description: Vulnerability in WINS Could Allow Elevation of Privilege (948745)
Impact: Elevation of Privilege

Bulletin: Microsoft Security Bulletin MS08-035 (Important)
Description: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
Impact: Denial of Service

Bulletin: Microsoft Security Bulletin MS08-036 (Important)
Description: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
Impact: Denial of Service

Bulletin: Microsoft Security Bulletin MS08-032 (Moderate)
Description: Cumulative Security Update of ActiveX Kill Bits (950760)
Impact: Remote Code Execution

But let me give you a brief description of Autopatcher before I continue. Autopatcher queries the Microsoft update server and downloads all patches and updates from that server to your computer. When I say all I mean all for the operating system or software (like Microsoft Office) that you have selected.

This procedure has several benefits over automatic installations. All patches and updates are downloaded to the users computer and can be used to update several computers, even those without Internet or network access. It is furthermore possible to select the updates that should be installed on the computer and those that should not be.

You begin the process by downloading the Autopatcher Updater from the Autopatcher website. Unpack it to your hard drive and execute the file. A list with possible operating systems and applications will be shown and some of them will be preselected.

Make sure you do keep the Autopatcher Updater and Autopatcher Engine entries checked. You can then make your selection from various Windows editions, languages and applications. Available languages are currently English, Italian and Portuguese.

A click on Next will download all files and patches to your computer directly from the Microsoft servers. The process finishes quickly and will place a file called autopatcher.exe in the root folder of the directory. Start that file afterwards which will load a list of available patches and updates for your operating system.

Items are sorted by critical and recommend updates as well as updated components and Registry tweaks. Already installed patches are marked blue while those that have not been installed yet have a black font color. Simply check the updates that you want to install and click the next button which will start the installation process.

I did not encounter any errors, freezes or even crashes during my tests which is definitely an improvement since the last version that I tried.