90 likes | 200 Views
Information About Microsoft Out-of-Band Security Bulletins . What We Will Cover. Review of Out-of-Band release: New Security Bulletin New Security Advisory Resources Questions and answers. MS10-00 2 : Cumulative Security Update for Internet Explorer (97 8207 ).
E N D
What We Will Cover • Review of Out-of-Band release: • New Security Bulletin • New Security Advisory • Resources • Questions and answers
MS10-002: Cumulative Security Update for Internet Explorer (978207)
Security Advisory 979682: Vulnerability in Windows Could Allow an Elevation in Privilege • Microsoft is investigating new public reports of a vulnerability in the Windows kernel. We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time. • Microsoft released Security Advisory 979682 to provide mitigations and workarounds for this vulnerability. • Microsoft is currently working towards an update to address this vulnerability. • Mitigating Factors: • An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. • Windows operating systems for x64-based and Itanium-based computers are not affected. • Workaround: Disable the NTVDM subsystem (users will not be able to run 16-bit applications)
Detection & Deployment Yes for Internet Explorer 6.0 only in Windows XP SP2 , Windows XP SP3 and Windows Server 2003 SP2
Resources Blogs • Microsoft Security Response Center (MSRC) blog:http://blogs.technet.com/msrc • Security Research & Defense blog:http://blogs.technet.com/srd • Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ Bulletins, Advisories, Notifications & Newsletters • Security Bulletins Summary:www.microsoft.com/technet/security/bulletin/summary.mspx • Security Bulletins Search:www.microsoft.com/technet/security/current.aspx • Security Advisories:www.microsoft.com/technet/security/advisory/ • Microsoft Technical Security Notifications:www.microsoft.com/technet/security/bulletin/notify.mspx • Microsoft Security Newsletter:www.microsoft.com/technet/security/secnews/ Security Centers • Microsoft Security Home Page: www.microsoft.com/security • TechNet Security Center:www.microsoft.com/technet/security • MSDN Security Developer Center:http://msdn.microsoft.com/en-us/security/default.aspx Other Resources • OOB Update Resources: • IT Pro/Enterprise Guidance: www.microsoft.com/technet/security • Consumer Guidance: http://www.microsoft.com/security/updates/ie.aspx • Update Management Processhttp://www.microsoft.com/technet/security/guidance/patchmanagement/secmod193.mspx • Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners.mspx
Questions and Answers Submit text questions using the “Ask” button. Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog:http://blogs.technet.com/msrc Register for next months webcast at:http://microsoft.com/technet/security/current.aspx