Severity: : Critical
  Advisory Date: 13 de lipca de 2010

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its July batch of patches:

  • (MS10-042) Vulnerability in Help and SupportCenter Could Allow Remote Code Execution (2229593)

    Risk Rating: Critical

    This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003.

  • (MS10-043) Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)

    Risk Rating: Critical

    This security update resolves a publicly disclosed vulnerability in the Canonical Display Driver (cdd.dll). In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.

  • (MS10-044) Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)

    Risk Rating: Critical

    This security update resolves two privately reported vulnerabilities in Microsoft Office Access ActiveX Controls. The vulnerabilities could allow remote code execution if a user opened a specially crafted Office file or viewed a Web page that instantiated Access ActiveX controls.

  • (MS10-045) Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)

    Risk Rating: Important

    This security update resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opened an attachment in a specially crafted e-mail message using an affected version of Microsoft Office Outlook.

  INFORMATION EXPOSURE

Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.