For a detailed analysis of this month’s updates, please check out the MSRC blog.
Microsoft has released the latest monthly security updates for October 2010 and has made them available for download from the Microsoft Download Center and from Windows Update/Microsoft Update.
Critical:
–KB2360131: Cumulative Security Update for Internet Explorer
–KB2281679: Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution
–KB982132: Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution
–KB2160841: Vulnerability in .NET Framework Could Allow Remote Code Execution
Important:
–KB2412048: Vulnerabilities in SafeHTML Could Allow Information Disclosure
–KB981957: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
–KB2279986: Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege
–KB2293194: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution
–KB2293211: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
–KB2296011: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution
–KB2378111: Vulnerability in Windows Media Player Could Allow Remote Code Execution
–KB2405882: Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution
–KB2360937: Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege
–KB2207566: Vulnerability in SChannel Could Allow Denial of Service
–KB2387149: Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution
–KB2294255: Vulnerability in Windows Shared Cluster Disks Could Allow Tampering
Microsoft has also released the usual update for the Windows Malicious Software Removal Tool (x86) (x64).
View: 