Microsoft Patch Tuesday for September 2010: nine bulletins

    Microsoft Patch Tuesday for September 2010: nine bulletins


    Posted: 10 Sep 2010

    According to the Microsoft Security Response Center, Microsoft will issue nine Security Bulletins addressing 13 vulnerabilities on Tuesday, September 14. It will also host a webcast to address customer questions the following day.

    Four of the vulnerabilities are rated "Critical" and the other five are marked "Important." All of the Critical vulnerabilities earned their rating through a remote code execution impact, meaning a hacker could potentially gain control of an infected machine. At least four of the nine patches will require a restart.

    The list of affected operating systems includes Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. Microsoft Office XP, Office 2003, and Office 2007 are also being patched.
    More -
    Microsoft Patch Tuesday for September 2010: nine bulletins
    Posted By: JMH
    10 Sep 2010



  2. brianzion
    Posts : 3,612
    Operating System : Windows 7 Home Premium Edition 6.01.7600 SP1 (x64)
       New #1

    here is some more news from sofpedia
    Microsoft to Plug 11 Security Holes in Windows, IIS and Office on September 14 - Softpedia
      My Computer
    Quote Quote

  4. marsmimar
    Posts : 10,994
    Win 7 Pro 64-bit
       New #2

    But still no permanent fix for the recently announced "DLL preloading attacks". Although there are some workarounds.

    Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution
      My Computer
    Quote Quote

  5. brianzion
    Posts : 3,612
    Operating System : Windows 7 Home Premium Edition 6.01.7600 SP1 (x64)
       New #3

    marsmimar said:
    But still no permanent fix for the recently announced "DLL preloading attacks". Although there are some workarounds.

    Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution
    are you looking for this?
    A new CWDIllegalInDllSearch registry entry is available to control the DLL search path algorithm
      My Computer
    Quote Quote

  7. marsmimar
    Posts : 10,994
    Win 7 Pro 64-bit
       New #4

    brianzion said:
    are you looking for this?
    A new CWDIllegalInDllSearch registry entry is available to control the DLL search path algorithm
    No, that's the workaround Microsoft came up with. From that article, "The fix it solution described in this section is not intended to be a replacement for any security update. We recommend that you always install the latest security updates. However, we offer this fix it solution as a workaround option for customers to protect their systems while a security update is not available or cannot be installed."
      My Computer
    Quote Quote

  8. brianzion
    Posts : 3,612
    Operating System : Windows 7 Home Premium Edition 6.01.7600 SP1 (x64)
       New #5

    marsmimar said:
    brianzion said:
    are you looking for this?
    A new CWDIllegalInDllSearch registry entry is available to control the DLL search path algorithm
    No, that's the workaround Microsoft came up with. From that article, "The fix it solution described in this section is not intended to be a replacement for any security update. We recommend that you always install the latest security updates. However, we offer this fix it solution as a workaround option for customers to protect their systems while a security update is not available or cannot be installed."
    okey dokey sorry :) one question i downloaded this update and installed it a few days ago the fix it option was that the right thing to do it said it installed ok? i have not had any ill effects on my machine.
    Last edited by brianzion; 10 Sep 2010 at 18:49. Reason: update
      My Computer
    Quote Quote

  9. marsmimar
    Posts : 10,994
    Win 7 Pro 64-bit
       New #6

    brianzion said:
    okey dokey sorry :) one question i downloaded this update and installed it a few days ago the fix it option was that the right thing to do it said it installed ok? i have not had any ill effects on my machine.
    As far as I know, the fix it option is supposed to be a workable solution. Unfortunately, MS had some other fix it solutions over the years for other issues relating to XP, IE7, et al that caused considerable grief. Basically, those other fix its also altered the registry. Then when MS came out with their permanent security update, it conflicted with the fix it solution. MS had to scramble to create an "undo" option for the fix it so the permanent security update could be safely installed. I got caught up in one of the IE 7 fix it solutions. Even the "undo" didn't work the way it was supposed to. Hopefully MS has learned from their past mistakes and this fix it will seamlessly work with an eventual permanent security update.
      My Computer
    Quote Quote

  11. brianzion
    Posts : 3,612
    Operating System : Windows 7 Home Premium Edition 6.01.7600 SP1 (x64)
       New #7

    marsmimar said:
    brianzion said:
    okey dokey sorry :) one question i downloaded this update and installed it a few days ago the fix it option was that the right thing to do it said it installed ok? i have not had any ill effects on my machine.
    As far as I know, the fix it option is supposed to be a workable solution. Unfortunately, MS had some other fix it solutions over the years for other issues relating to XP, IE7, et al that caused considerable grief. Basically, those other fix its also altered the registry. Then when MS came out with their permanent security update, it conflicted with the fix it solution. MS had to scramble to create an "undo" option for the fix it so the permanent security update could be safely installed. I got caught up in one of the IE 7 fix it solutions. Even the "undo" didn't work the way it was supposed to. Hopefully MS has learned from their past mistakes and this fix it will seamlessly work with an eventual permanent security update.
    mmmmmm i see your point i will try not to worry about it but will note the installation date and time when i installed it and k number just in case thanks for the advice
      My Computer
    Quote Quote

  12. Layback Bear
    Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       New #8

    Waiting for Microsoft Security Updates (KXXXXXXX) has always worked better for me. I try not to use patches. As has been stated, some times they can argue with each other.
      My Computer
    Quote Quote

  13. brianzion
    Posts : 3,612
    Operating System : Windows 7 Home Premium Edition 6.01.7600 SP1 (x64)
       New #9

    Layback Bear said:
    Waiting for Microsoft Security Updates (KXXXXXXX) has always worked better for me. I try not to use patches. As has been stated, some times they can argue with each other.
    fingers crossed i will be ok
      My Computer
    Quote Quote

 

  Related Discussions
MS stopped sending advanced bulletins for patch tue this month (01/15). Usually they came on the preceding Thursday (email notification for me). Does anyone know a way to get a heads-up, as in the past? Uncomfortable waiting till they appear on cnet or somewhere else after the fact. Thanks for any...
December 2010 Patch Tuesday will come with most bulletins ever
More - October 2010 Patch Tuesday will come with most bulletins ever
Microsoft plans to ship 8 security bulletins next Tuesday (April 14, 2009) to fix remote code execution and denial of service vulnerabilities affecting Windows, Office and Internet Explorer. According to the company’s Patch Tuesday advance notice, five of the bulletins will be rated “critical,”...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 15:33.
Find Us