Description: This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerability by changing the way that Windows Movie Maker parses project files. Keep reading →

When attempting to install Windows Update MS10-015, (KB 977165), using Windows Update or Automatic Updates, the installation may fail with one of the following error codes:

Error Code FFFFFFFF

This article introduces a Fix it solution that users can run to determine whether a computer is compatible with security update 977165. This security update is described in security bulletin MS10-015. Additionally, administrators can use this solution to determine whether the computers in an enterprise environment are compatible with security update 977165.

An update is available for all the Microsoft products that use Active Directory Rights Management Services (AD RMS). This update prevents you from receiving error messages that are related to the application manifest expiry feature of the AD RMS clients.

As a follow up to the Office 2003 Information Rights Management (IRM) update, Microsoft has made additional changes in AD RMS. The application manifest expiry feature of AD RMS is no longer required.

After careful review of the original design of the AD RMS client, Microsoft has determined that the application manifest expiry feature can be completely removed. The application manifest expiry feature was a legacy feature in the original product. This feature allowed for more specific control of the applications that can access AD RMS protected content. The functionality that was provided by this feature is now included in other features that are contained in AD RMS, such as Application Exclusion and Windows Software Restrictions policies. These new features provide a new approach to allow for controlling what applications can run in your enterprise. The new approach puts the control in your hands.

Description: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities. The security update addresses these vulnerabilities by correcting the way that SMB validates SMB requests. Keep reading →

Description: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a malicious SMB server.The security update addresses the vulnerabilities by correcting the manner in which the SMB client validates responses. Keep reading →

Description: This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.The security update addresses the vulnerabilities by ensuring that the Windows Kernel handles exceptions properly. Keep reading →

This update is not a security update that end-users can install. Instead, this update is recommended for server administrators only. This update deploys a workaround that disables Transport Layer Security (TLS) and Secure Sockets Layer (SSL) renegotiation support on affected systems to help protect clients that connect to such servers from exploitation by using this vulnerability.

TLS renegotiation is a component of the Transport Layer Security protocol and may be required by certain applications. We recommend that customers validate the need for implementing this workaround, and if it is considered required, test this workaround carefully for the applicable deployment scenario or scenarios.

Description: This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if specially crafted packets are sent to a computer with IPv6 enabled. An attacker could try to exploit the vulnerability by creating specially crafted ICMPv6 packets and sending the packets to a system with IPv6 enabled. This vulnerability may only be exploited if the attacker is on-link. The security update addresses the vulnerabilities by changing the way Windows TCP/IP performs bounds checking and other packet handling operations. Keep reading →

Description: This security update resolves a privately reported vulnerability in Microsoft DirectShow. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
The security update addresses the vulnerability by correcting the way that DirectShow opens AVI files. Keep reading →