Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Security Bulletin MS10-018 Released

30 Mar 2010   #1
SGT Oddball

Security Bulletin MS10-018 Released

Hi everyone,

Today we released MS10-018 out-of-band due to increases in attacks against Internet Explorer 6 and Internet Explorer 7 using the vulnerability discussed in Security Advisory 981374. I want to reiterate that Internet Explorer 8 is not affected by this issue so customers using this version are not affected by these attacks and we continue to encourage customers to upgrade to the newer version because it provides more security and protection.

MS10-018 is a typical cumulative update for Internet Explorer and was originally going to be released during the normal update cycle on the 13th of April. The Internet Explorer team accelerated testing of this update due to the growing attacks against the publicly disclosed vulnerability (CVE-2010-0806), and the update has reached the appropriate quality bar for distribution to customers. Releasing the update early provides Internet Explorer 6 and 7 customers protection against the active attacks and provides users of all versions of Internet Explorer protection against nine other vulnerabilities. I clarify this in the following video:

Here is a simplified view of the ten vulnerabilities and their aggregate severity on Internet Explorer 6, 7, and 8:

* Vulnerability under active attack.

This table demonstrates what we have been saying about the improved security and protection offered in Internet Explorer 8 and why we continue to encourage customers to upgrade.

Since we announced yesterday that we would be releasing this bulletin out-of-band, we have been asked if it addresses the vulnerability that was used in the “pwn2own” contest at the CanSecWest security conference last week. We are still investigating that issue at this time so we do not have an update available. In accordance with the contest rules, the vulnerabilities used are responsibly disclosed so that the respective vendors can produce updates to protect their customers before the vulnerabilities can be used by criminals. Microsoft continues to encourage responsible disclosure and we are a sponsor of the CanSecWest conference because we believe in working closely with security researchers to protect customers and the entire computing ecosystem.

If you can, please join Adrian Stone and I today for a live webcast where we will cover the details of this bulletin and take customer questions live. Here is the registration information:

Date: Tuesday March 30, 2010
Time: 1:00 p.m. PST (UTC -8)

Jerry Bryant
Group Manager – Response Communications

*This posting is provided "AS IS" with no warranties, and confers no rights*


My System SpecsSystem Spec
31 Mar 2010   #2

Windows 10 Pro

Hmmm...maybe I missed something from this statement....

I want to reiterate that Internet Explorer 8 is not affected by this issue so customers using this version are not affected by these attacks
because I just got notified by Windows Update that there is a 14.6MB!!! IE 8 Cumulative Security Update for Internet Explorer 8 (KB980182)

Security Bulletin MS10-018 Released-ie-update0182.jpg

Clicking the "More Information" links to this page - Microsoft Security Bulletin MS10-018 - Critical: Cumulative Security Update for Internet Explorer (980182)

Not an issue though.

My System SpecsSystem Spec
31 Mar 2010   #3

Windows 7 Ultimate x64 RTM + SP1

I smell a rat!! And its coming from M$
My System SpecsSystem Spec


 Security Bulletin MS10-018 Released

Thread Tools

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 16:56.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App