February 2010 Patch Tuesday Updates are now supported by Desktop Central

Microsoft released 13 bulletins this tuesday to address 26 vulnerabilities. The Patch Assesment Team at Desktop Central have tested all of these patches and have updated the Central Patch Repository (exepting bulletin MS10-010). This means customers can synchronize their patch database and deploy all of these new patches. Given below is the quick snapshot of the bulletins/patches:

Bulletin ID	Vulnerability Title	CVE ID	Exploitability Index Assessment
MS10-006	SMB Client Race Condition Vulnerability	CVE-2010-0017	1 – Consistent exploit code likely
MS10-011	CSRSS Local Privilege Elevation Vulnerability	CVE-2010-0023	1 – Consistent exploit code likely
MS10-007	URL Validation Vulnerability	CVE-2010-0027	1 – Consistent exploit code likely
MS10-004	PowerPoint LinkedSlideAtom Heap Overflow Vulnerability	CVE-2010-0030	1 – Consistent exploit code likely
MS10-004	PowerPoint OEPlaceholderAtom ‘placementId’ Invalid Array Indexing Vulnerability	CVE-2010-0031	1 – Consistent exploit code likely
MS10-004	PowerPoint OEPlaceholder Atom Use After Free Vulnerability	CVE-2010-0032	1 – Consistent exploit code likely
MS10-004	PowerPoint Viewer TextBytesAtom Record Stack Overflow Vulnerability	CVE-2010-0033	1 – Consistent exploit code likely
MS10-004	Office PowerPoint Viewer TextCharsAtom Record Stack Overflow Vulnerability	CVE-2010-0034	1 – Consistent exploit code likely
MS10-012	SMB NTLM Authentication Lack of Entropy Vulnerability	CVE-2010-0231	1 – Consistent exploit code likely
MS10-015	Windows Kernel Exception Handler Vulnerability	CVE-2010-0232	1 – Consistent exploit code likely
MS10-003	MSO.DLL Buffer Overflow Vulnerability	CVE-2010-0243	1 – Consistent exploit code likely
MS10-013	DirectShow Heap Overflow Vulnerability	CVE-2010-0250	1 – Consistent exploit code likely
MS10-006	SMB Client Pool Corruption Vulnerability	CVE-2010-0016	2 – Inconsistent exploit code likely
MS10-012	SMB Pathname Overflow Vulnerability	CVE-2010-0020	2 – Inconsistent exploit code likely
MS10-012	SMB Memory Corruption Vulnerability	CVE-2010-0021	2 – Inconsistent exploit code likely
MS10-005	MS Paint Integer Overflow Vulnerability	CVE-2010-0028	2 – Inconsistent exploit code likely
MS10-004	PowerPoint File Path Handling Buffer Overflow Vulnerability	CVE-2010-0029	2 – Inconsistent exploit code likely
MS10-015	Windows Kernel Double Free Vulnerability	CVE-2010-0233	2 – Inconsistent exploit code likely
MS10-009	ICMPv6 Router Advertisement Vulnerability	CVE-2010-0239	2 – Inconsistent exploit code likely
MS10-009	Header MDL Fragmentation Vulnerability	CVE-2010-0240	2 – Inconsistent exploit code likely
MS10-009	ICMPv6 Route Information Vulnerability	CVE-2010-0241	2 – Inconsistent exploit code likely
MS10-012	SMB Null Pointer Vulnerability	CVE-2010-0022	3 – Functioning exploit code unlikely
MS10-010	Hyper-V Instruction Set Validation Vulnerability	CVE-2010-0026	3 – Functioning exploit code unlikelych Tuesday, Patch tuesday updates, Patch Tuesday 2010, February 2010 Patch Tuesday, MS Patch Tuesday
MS10-014	Kerberos Null Pointer Dereference Vulnerability	CVE-2010-0035	3 – Functioning exploit code unlikely
MS10-009	TCP/IP Selective Acknowledgement Vulnerability	CVE-2010-0242	3 – Functioning exploit code unlikely

For any assistance on patching feel free to contact desktopcentral-support@manageengine.com

Happy Patching.

cheers,

February 2010 Patch Tuesday Updates are now supported by Desktop Central

ananthv@zohocorp.com

Cancel reply

February 2010 Patch Tuesday Updates are now supported by Desktop Central

ananthv@zohocorp.com

Cancel reply

Related Posts

Confira as atualizações do Patch Tuesday de dezembro de 2022