CSIRTUK advisories

ID: 3931
Date: 10/03/2010

---

Title: 3931 - Microsoft March Security Advisory
Platform level affected:Operating System
Specific operating systems components affected: 32-bit Windows
Remediation Summary:Update your copy of the software with the download available from the supplier.
Vendors affected:Microsoft
Applications affected:Movie Maker, Producer 2003, Excel
Adversity source: Unknown
Attack Vector: Vulnerability exploitation
Virulence: Unknown
Warning Status: Unknown
Potential Damage: Remote execution/modification
Possible Duration: Unknown
Availability of fix: Available
Type of fix: Automated Patch
Source: Microsoft
Reliability of source: Trusted
Source URL: http://www.microsoft.com/technet/security/bulletin/MS10-mar.mspx
Abstract: Microsoft has released updates to address a number of vulnerabilities in Windows and Office.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                    National Cyber Alert System

              Technical Cyber Security Alert TA10-068A

Microsoft Updates for Multiple Vulnerabilities

   Original release date:
   Last revised: --
   Source: US-CERT

Systems Affected

     * Microsoft Windows
     * Microsoft Office

Overview

   Microsoft has released updates to address vulnerabilities in
   Microsoft Windows and Microsoft Office.

I. Description

   Microsoft has released security bulletins for multiple
   vulnerabilities in Microsoft Movie Maker, Microsoft Office Producer
   2003, and Microsoft Office Excel. These bulletins are described in
   the Microsoft Security Bulletin Summary for March 2010. Microsoft
   notes that affected versions of Microsoft Movie Maker were either
   included with Microsoft Windows or available as an optional
   download.

II. Impact

   A remote, unauthenticated attacker could execute arbitrary code or
   cause a vulnerable application to crash.

III. Solution

   Apply updates from Microsoft
  
   Microsoft has provided updates for these vulnerabilities in the
   Microsoft Security Bulletin Summary for March 2010. The security
   bulletin describes any known issues related to the updates.
   Administrators are encouraged to note these issues and test for any
   potentially adverse effects. Administrators should consider using
   an automated update distribution system such as Windows Server
   Update Services (WSUS).
  
   Microsoft notes that there is no security update available for
   Microsoft Producer 2003 at this time of this writing. Users can
   mitigate the impact to systems with Microsoft Producer 2003 by
   applying the automated solution to remove the Microsoft Producer
   file associations using the Fix it found in Microsoft Knowledge
   Base Article 975561, and by applying the workarounds in Microsoft
   Security Bulletin MS10-016.

IV. References

 * Microsoft Security Bulletin Summary for March 2010 -
   <http://www.microsoft.com/technet/security/bulletin/MS10-mar.mspx>

 * Microsoft Windows Server Update Services -
   <http://technet.microsoft.com/en-us/wsus/default.aspx>

 * Microsoft Knowledge Base Article 975561 -
   <http://support.microsoft.com/kb/975561>

 * Microsoft Security Bulletin MS10-016 -
   <http://www.microsoft.com/technet/security/bulletin/ms10-016.mspx>

 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA10-068A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@cert.org> with "TA10-068A Feedback VU#586853" in
   the subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2010 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________

Revision History
 
  March 09, 2010: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS5bAnT6pPKYJORa3AQJgXwgAvE0mmWRlV/XF5k/H6yf5ZHocmH80a3+P
CpGT1DWFDbBLEO2I6jq9bJM8yNCmeTzG0v3XkwGe6fQ29KuILMTRqwDPgdB5gDHh
MPfnxX/PJN8LBR8Qog8T6ilOTXEgYHj/6RN4j5iOmZjpbgkUKmGfDxevht2DDOjK
e7y0tseZuKee4Vb1pZgpFHyjspMQ1ksVQbyvklAQkPL9DSnq+uk6lFBxQnnJ36pR
I4Lku7Qf3kjSc3yJWFXkXhAcMx6RbPasogtnU9MBDlOC69X3W3m4RxaXB87RwFV8
XDqtuyrINJ6RJHEg0V/gZCT0+mgfUpkqPWS9uaaPSp24LwDGj5yqQw==
=+osT
-----END PGP SIGNATURE-----

This advisory contains information released by the original author. Some of the information may have changed since it was released. If the issue affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you receive the most current information concerning that problem. Reference to any specific commercial product, process, or service by trade name, trademark manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI.

The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. CPNI shall not accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this advisory.

CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.