|
|
|
Critical Product Vulnerability - (Out-of-Band) Microsoft Security Bulletin Release
By
AgniTEK on
8/6/2010 1:34 PM
| Filed Under
[IT Services - Austin], [IT Services - Bryan / College Station], [IT Services - Dallas / Ft. Worth], [IT Services - Houston], [IT Services - San Antonio], [IT Support Services], [Network Management]
Popular tags: Computer Upgrades, Microsoft, Network Security, Patch Management, Computer Security
 We wanted to make sure all Windows users are aware of this critical update. All ManageIT client machines have either already been updated or are currently being updated. For clients that are not on our ManageIT proactive support, please manually update your computers accordingly. Please contact us at http://www.myagnitek.com or toll free 888-4-AGNITEK if we can assist with anything.
If you are having trouble viewing this e-mail, please view the online version.
|
|
|
|
|
|
|
|
|
Microsoft is releasing an out-of-band security update to address the .LNK vulnerability described in Microsoft Security Advisory 2286198. MS10-046 addresses one vulnerability in Windows, which has a maximum severity rating of Critical and an Exploitability Index rating of 1. The security vulnerability affects all supported editions of Windows, including Windows XP, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.
|
|
|
|
It is recommended that customers deploy the update as soon as possible to help protect their computers from criminal attacks. The security update protects against attempts to exploit the vulnerability by several malware families.
|
|
|
|
What is the purpose of this alert?
|
|
|
|
This alert is to provide you with an overview of the new security bulletin released (out-of-band) on August 2, 2010.
|
|
|
|
NEW SECURITY BULLETIN OVERVIEW
|
|
|
|
Microsoft is releasing one new security bulletin (out-of-band) for newly discovered vulnerabilities:
|
|
|
|
Bulletin ID
|
Bulletin Title
|
Maximum Severity Rating
|
Vulnerability Impact
|
Restart Requirement
|
Affected Software
|
|
|
Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
|
Critical
|
Remote Code Execution
|
Requires Restart
|
Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
|
|
|
|
Affected software listed above is an abstract. Please see the bulletin at the link in the left column for complete details.
|
|
|
|
EXECUTIVE SUMMARY
|
|
|
|
This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
|
|
|
|
This security update is rated Critical for all supported editions of Windows. The security update addresses the vulnerability by correcting validation of shortcut icon references.
|
|
|
|
|
|
|
|
PUBLIC BULLETIN WEBCAST
|
|
|
|
Microsoft has recorded a webcast to address customer questions on this bulletin:
|
|
Title: Information About Microsoft's August 2010 (Out-of-Band) Security Bulletin Release
|
|
Date: Recorded webcast will be posted no later than Tuesday, August 3, 2010, at 1:00 P.M. Pacific Time (U.S. and Canada).
|
|
|
|
|
|
PUBLIC RESOURCES RELATED TO THIS ALERT
|
|
|
|
|
|
NEW SECURITY BULLETIN TECHNICAL DETAILS
|
|
|
In the following tables of affected and nonaffected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit the Microsoft Support Lifecycle Web site at http://support.microsoft.com/lifecycle/.
|
|
|
|
Bulletin Identifier
|
Microsoft Security Bulletin MS10-046
|
|
Bulletin Title
|
Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
|
|
Executive Summary
|
This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. The security update addresses the vulnerability by correcting validation of shortcut icon references. This security update also addresses the vulnerability first described in Microsoft Security Advisory 2286198.
|
|
Affected Software
|
This security update is rated Critical for all supported editions of Windows.
|
|
CVE, Exploitability Index Rating
|
CVE-2010-2568: Shortcut Icon Loading Vulnerability (EI = 1)
|
|
Attack Vectors
|
- A maliciously crafted shortcut file.
- Common delivery mechanisms: a maliciously crafted Web page, an e-mail attachment, an instant message, a peer-to-peer file share, a network share, or a USB thumb drive.
|
|
Mitigating Factors
|
- Users would have to be persuaded to visit a malicious Web site.
- Exploitation only gains the same user rights as the logged-on account. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- Blocking outbound SMB connections on the perimeter firewall reduces the risk of remote exploitation using file shares.
|
|
Restart Requirement
|
The update will require a restart.
|
|
Bulletins Replaced by This Update
|
None
|
|
Publicly Disclosed?
Exploited?
|
Yes—this vulnerability was publicly disclosed prior to release. More information is contained in Microsoft Security Advisory 2286198.
Yes—this vulnerability has been exploited in the wild at release.
|
|
Full Details
|
|
|
|
|
REGARDING INFORMATION CONSISTENCY
|
|
|
|
We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. The Microsoft security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in the Microsoft Web-based security content, the information in the Microsoft Web-based security content is authoritative.
|
|
|
|
Thank you,
|
|
|
|
Microsoft Security Team
|
|
|
|
|
This message from Microsoft is an important part of a program, service, or product that you or your company purchased or participate in.
Legal Information
Microsoft respects your privacy. Please read our Privacy Statement.
Microsoft Corporation
One Microsoft Way
Redmond, WA, USA 98052 |
|
|
|
|
On processing, please waiting for ...
|
|
|
|
- May, 2012 ( 7 )
- April, 2012 ( 9 )
- March, 2012 ( 9 )
- February, 2012 ( 10 )
- January, 2012 ( 8 )
- December, 2011 ( 7 )
- November, 2011 ( 9 )
- October, 2011 ( 10 )
- September, 2011 ( 10 )
- August, 2011 ( 9 )
- July, 2011 ( 7 )
- June, 2011 ( 6 )
- May, 2011 ( 7 )
- April, 2011 ( 8 )
- March, 2011 ( 9 )
- February, 2011 ( 6 )
- January, 2011 ( 6 )
- October, 2010 ( 1 )
- August, 2010 ( 1 )
- June, 2010 ( 9 )
- April, 2010 ( 1 )
- March, 2010 ( 4 )
- February, 2010 ( 8 )
- January, 2010 ( 8 )
- December, 2009 ( 13 )
- November, 2009 ( 9 )
- October, 2009 ( 12 )
- September, 2009 ( 2 )
- August, 2009 ( 5 )
- July, 2009 ( 10 )
- June, 2009 ( 5 )
- May, 2009 ( 1 )
- March, 2009 ( 1 )
- January, 2009 ( 1 )
- November, 2008 ( 3 )
- October, 2008 ( 3 )
- June, 2008 ( 2 )
- April, 2008 ( 1 )
- March, 2008 ( 1 )
- November, 2007 ( 3 )
- October, 2007 ( 2 )
- September, 2007 ( 2 )
- August, 2007 ( 1 )
- April, 2007 ( 3 )
- February, 2007 ( 1 )
- January, 2007 ( 1 )
- November, 2006 ( 2 )
|
|
|
Bryan / College Station: 979-260-8324 Dallas / Fort Worth: 214-382-9002 Houston Metro: 713-422-2270 Toll Free: 888-4-AGNITEK 
|
|