Alert for Users of Internet Explorer 6 and 7 : ADVANCE NOTIFICATION - March 30, 2010 (OOB) Microsoft Security Bulletin Release - Ruud de Jonge

Ruud de Jonge

over Microsoft Platform en Security ontwikkelingen

Alert for Users of Internet Explorer 6 and 7 : ADVANCE NOTIFICATION - March 30, 2010 (OOB) Microsoft Security Bulletin Release

What is the purpose of this alert?

This is an advance notification of an out-of-band security bulletin that Microsoft is intending to release on March 30, 2010. The bulletin is being released to address attacks against customers of Internet Explorer 6 and Internet Explorer 7. Users of Internet Explorer 8 and Windows 7 are not vulnerable to these attacks.

The vulnerability used in these attacks, along with workarounds, is described in Microsoft Security Advisory 981374.

The out-of-band security bulletin is a cumulative security update for Internet Explorer and will also contain fixes for privately reported vulnerabilities rated Critical on all versions of Internet Explorer that are not related to this attack.

Microsoft continues to encourage customers to follow the Protect Your Computer guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. Additional information can be found at www.microsoft.com/protect.

New Bulletin Summary

 

Bulletin Identifier

Internet Explorer

Maximum Severity Rating

Critical

Impact of Vulnerability

Remote Code Execution

Restart Requirement

The update will require a restart.

Affected Software

All supported versions of Internet Explorer on supported versions of Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Note: information on affected software listed above is an abstract. Please see the Advance Notification Web page at the link below for complete details.

Although we do not anticipate any changes, the information provided in this summary is  subject to change until the release.

The full version of the Microsoft Security Bulletin Advance Notification for this (OOB) release can be found at http://www.microsoft.com/technet/security/bulletin/ms10-mar.mspx.

Public Bulletin Webcast

 

Microsoft will host a public webcast to address customer questions on these bulletins:

Title: Information about Microsoft March (OOB) Security Bulletin (Level 200)

Date: Tuesday, March 30, 2010, at 1:00 PM Pacific Time (U.S. & Canada).

URL: http://www.microsoft.com/technet/security/bulletin/summary.mspx

 

At this time no additional information on this bulletin, such as details regarding severity or details regarding the vulnerability will be made available until the bulletin is published.

Resources related to this alert

·         Security Advisory 981374 – Vulnerability in Internet Explorer Could Allow Remote Code Execution: http://www.microsoft.com/technet/security/advisory/981374.mspx 

·         Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc/

·         Microsoft Security Research & Defense (SRD) Blog: http://blogs.technet.com/srd/

·         Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc/

·         Microsoft Security Development Lifecycle (SDL) Blog: http://blogs.msdn.com/sdl/

 

Posted: Mar 29 2010, 09:22 PM door Ruud de Jonge | met no comments
Opgeslagen onder: , ,

Commentaar:

Geen commentaar

Wat denkt u?

(Verplicht) 

(Verplicht) 

(Optioneel)

(Verplicht) 
CaptchaCube Vraag:


Antwoord: