Last updated at Wed, 27 Sep 2017 21:17:25 GMT
Microsoft's patch release for September includes 4 Critical bulletins and 5 Important bulletins covering 11 vulnerabilities.
A couple of vulnerabilities are worth noting:
MS10-064, a vulnerability in Microsoft Outlook, allows for remote code execution. This is the classic drive-by malware in which the attacker sends a malicious email message to the victim. When the victim simply opens the contents of the email, the attacker can gain full control of the victim's machine. Organizations should conduct user awareness training as one method to reduce the likelihood of exploits.
Another bulletin of interest is MS10-061, which is a vulnerability in the Print Spooler Service. This vulnerability is already being exploited in the wild. The method of exploitation does not require user credentials and affects Windows XP. Anyone who is able to weaponize this vulnerability will gain complete control of an affected system. System administrators should focus their efforts on patching this vulnerability first.
Here's the breakdown:
1. MS10-061 Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290)
CVE-2010-2729 (BID 43073) Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 9.6/10)
A remote code-execution vulnerability affects the Windows Print Spooler because it does not properly restrict where a user can print to a file. An attacker can exploit this issue by sending a specially crafted print request to a vulnerable server over RPC. The service will fail to properly restrict access and allow the file to be saved in an attacker-specified location. This may facilitate a complete compromise of an affected computer.
2. MS10-062 Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution (975558)
CVE-2010-0818 (BID 43039) Microsoft MPEG-4 Codec Media File Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)
A remote code-execution vulnerability affects the MPEG-4 codec when handling certain supported media files. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file or viewing a malicious web page. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.
3. MS10-063 Vulnerability in Unicode Scripts Processor Could Lead to Remote Code Execution (2320113)
CVE-2010-2738 (BID 43068) Microsoft Windows and Office Uniscribe Font Parsing Engine Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)
A remote code-execution vulnerability affects Windows and Office when handling embedded OpenType fonts. An attacker can exploit this issue by tricking an unsuspecting victim into opening a file or viewing a web page containing malformed fonts. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.
4. MS10-064 Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2315011)
CVE-2010-2728 (BID 43063) Microsoft Outlook 'Online Mode' Remote Heap Buffer Overflow Vulnerability (MS Rating: Critical / Symantec Rating: 7.1/10)
A remote code-execution vulnerability affects Outlook when connected to an Exchange server in 'Online' mode. An attacker can exploit this issue by sending a specially crafted email message to an unsuspecting victim. When the victim opens or previews the message, the attacker-supplied code will run. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.