Microsoft released 11 bulletins this tuesday to address 25 vulnerabilities. The Patch Assesment Team at Desktop Central have tested all the patches that are relevant to the application supported by Desktop Central and have updated the Central Patch Repository. This means customers can synchronize their patch database and deploy all of these new patches.  Given below is the quick snapshot of the bulletins/patches:

Bulletin ID Vulnerability Title CVE ID Exploitability Index Assessment

MS10-021

Windows Kernel Memory Allocation Vulnerability

CVE-2010-0236

1 – Consistent exploit code likely

MS10-021

Windows Kernel Symbolic Link Creation Vulnerability

CVE-2010-0237

1 – Consistent exploit code likely

MS10-027

Media Player Remote Code Execution Vulnerability

CVE-2010-0268

1 – Consistent exploit code likely

MS10-023

Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability

CVE-2010-0479

1 – Consistent exploit code likely

MS10-026

MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability

CVE-2010-0480

1 – Consistent exploit code likely

MS10-022

VBScript Help Keypress Vulnerability.
This vulnerability has been publicly disclosed, as described in Microsoft Security Advisory 981169

CVE-2010-0483

1 – Consistent exploit code likely

For Windows Server 2008, Windows 7, and Windows Server 2008 R2:
3 – Functioning exploit code unlikely

MS10-020

SMB Client Transaction Vulnerability

CVE-2010-0270

2 – Inconsistent exploit code likely

MS10-020

SMB Client Response Parsing Vulnerability

CVE-2010-0476

2 – Inconsistent exploit code likely

MS10-019

WinVerifyTrust Signature Validation Vulnerability

CVE-2010-0486

2 – Inconsistent exploit code likely

MS10-019

Cabview Corruption Validation Vulnerability

CVE-2010-0487

2 – Inconsistent exploit code likely

MS10-020

SMB Client Incomplete Response Vulnerability.
This vulnerability has been publicly disclosed, as described in Microsoft Security Advisory 977544.

Likely impact is denial of service.

CVE-2009-3676

3 – Functioning exploit code unlikely

MS10-020

SMB Client Memory Allocation Vulnerability

CVE-2010-0269

3 – Functioning exploit code unlikely

MS10-020

SMB Client Message Size Vulnerability
Likely impact is denial of service

CVE-2010-0477

3 – Functioning exploit code unlikely

Deployment Priority (Courtesy: MSRC Blog )

For any assistance on patching feel free to contact desktopcentral-support@manageengine.com

Happy Patching. 

cheers,