Bulletin MS10-002 Released

    Bulletin MS10-002 Released


    Posted: 21 Jan 2010
    Hello,

    Today we released Security Bulletin MS10-002 out-of-band to address vulnerabilities in Internet Explorer. All customers using currently supported versions of Windows and Internet Explorer should apply this update as soon as possible. Once applied, customers are protected against the known attacks that have been widely publicized. For customers using automatic updates, this update will automatically be applied once it is released.

    I also wanted to clarify some information that we included in our update to Security Advisory 979352 yesterday. We let customers know that there are other applications that may use mshtml.dll as a rendering engine and if those applications allow active scripting, they can be used as an attack vector. Customers who install today’s update are NOT vulnerable and are protected from all known attack vectors. These applications are NOT vulnerable and no security updates are needed for them. Installing today’s Internet Explorer update addresses the vulnerability across all applications.

    As we noted in our blog post yesterday, this Internet Explorer security update was already planned for release in February. When the attack discussed in Security Advisory 979352 was first brought to our attention on Jan 11, we quickly released an advisory for customers two days later. As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September.

    For a detailed review of today’s bulletin, please join Adrian Stone and I today for a live webcast where we will try to answer your questions in real time. Registration information:

    Date: Thursday Jan 21
    Time: 1:00 p.m. PST (UTC -8)
    Registration: http://msevents.microsoft.com/CUI/Ev...tID=1032440627

    Hope to see you there!

    Jerry Bryant

     

    *This posting is provided "AS IS" with no warranties, and confers no rights.*

    More...
    SGT Oddball's Avatar Posted By: SGT Oddball
    21 Jan 2010



 

Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:42.
Find Us