JPCERT-AT-2010-0006
JPCERT/CC
2010-02-10
<<< JPCERT/CC Alert 2010-02-10 >>>
February 2010 Microsoft Security Bulletin
(including five critical patches)
https://www.jpcert.or.jp/at/2010/at100006.txt
I. Outline
Microsoft has released its security bulletin summary for Februrary
2010, which contains five security update with severity rating
"Critical".
As a result of this vulnerability, a remote attacker could cause a
denial of service or execute arbitrary code on an affected system.
For further information about this vulnerability, please refer to
the following URLs.
Microsoft Security Bulletin Summary for February 2010
http://www.microsoft.com/technet/security/bulletin/ms10-feb.mspx
An update has also been released for the following publicly released
vulnerability:
Microsoft Security Advisory (979682)
Vulnerability in Windows Kernel Could Allow Elevation of Privilege
http://www.microsoft.com/technet/security/advisory/979682.mspx
Additionally, the following vulnerabilities have been publicly
disclosed and are being investigated by Microsoft:
Microsoft Security Advisory (977544)
Vulnerability in SMB Could Allow Denial of Service
http://www.microsoft.com/technet/security/advisory/977544.mspx
Microsoft Security Advisory (980088)
Vulnerability in Internet Explorer Could Allow Information Disclosure
http://www.microsoft.com/technet/security/advisory/980088.mspx
[Critical Security Updates]
MS10-006
Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)
http://www.microsoft.com/technet/security/bulletin/ms10-006.mspx
MS10-007
Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713)
http://www.microsoft.com/technet/security/bulletin/ms10-007.mspx
MS10-008
Cumulative Security Update of ActiveX Kill Bits (978262)
http://www.microsoft.com/technet/security/bulletin/ms10-008.mspx
MS10-009
Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)
http://www.microsoft.com/technet/security/bulletin/ms10-009.mspx
MS10-013
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)
http://www.microsoft.com/technet/security/bulletin/ms10-013.mspx
II. Countermeasures
Use means such as Microsoft Update or Windows Update to apply the
security update immediately.
Microsoft Update
https://www.update.microsoft.com/
Windows Update
https://windowsupdate.microsoft.com/
Please note that support for Windows 2000 will end on 13 July 2010.
III. References
Microsoft Security Bulletin Summary for February 2010
http://www.microsoft.com/technet/security/bulletin/ms10-feb.mspx
US-CERT Technical Cyber Security Alert TA10-040A
Microsoft Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA10-040A.html
If you have any additional information regarding this alert, please
contact us.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: 03-3518-4600 FAX: 03-3518-4602
Top