Actualización Smartdefense 09-06-2010

De la versión 618100526 a la 618100608, esta tiene algo mas de contenido.

Microsoft XML signature HMAC Truncation bypass con el advisory MS10-041.
Microsoft Excel Sxview record parsing memory corruption, con el advisory MS10-038, que cachondos … “An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”
Microsoft Excel OBJ record stack overflow, mismo advisory.
Microsoft excel Wopt record memory corruption, idem.
Microsoft excel Sxview record memory pointer corruption, igual.
Microsoft excel realtime data heap corruption, igual.
Microsoft excel HFpicture record stack overflow, igual.
Microsoft excel external name record memory corruption, igual.
Microsoft excel Un-documnet publisher record memory corruption, igual.
Microsoft excel DBQuery Ext record memory pointer corruption, otro mas.

Este advisory da para mucho…

Internet Explorer 8 developer tools activex memory corruption con el advisory MS10-034.
Internet Explorer toStaticHTML information disclosure, advisory MS10-035, en esta hay algo que me ha dejado un poco trastocado…
“This security update is rated Critical for Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4; Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients; and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers. For more information, see the subsection, Affected and Non-Affected Software, in this section.” critica en ie6 sobre cualquier cosa excepto los servers??.
Internet Explorer CStylesheet uninitialized memory corruption con el mismo advisory.

Activados y logueando a ver que pasa…

Comments are closed.