- Latest Security Advisories & Notable Vulnerabilities
Microsoft addresses the following vulnerabilities in its August batch of patches:
This security update addresses a publicly disclosed vulnerability in Windows Shell, which may allow remote code execution once the icon of a specially crafted shortcut is displayed. Read more here.
This security update addresses several privately reported vulnerabilities in Microsoft Windows. The most serious of these may allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An unauthorized user must have valid logon credentials and must be logged on locally for the exploit to be successful. The vulnerabilities could not be exploited remotely or by anonymous users. Read more here.
This update addresses one publicly disclosed and four privately reported vulnerabilities in the Windows kernel-mode drivers. The most serious of these may allow elevation of privilege if an unauthorized user logs on to an affected system and runs a specific malicious application. Read more here.
This security update resolves a publicly disclosed vulnerability and one privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. Read more here.
This security update addresses a privately reported vulnerability in Windows Movie Maker, which may allow remote code execution if an attacker convinces a user to open a specially crafted Movie Maker file sent to them. Read more here.
This security update addresses a privately reported vulnerability in Microsoft XML Core Services, which could allow remote code execution if a user viewed a specially crafted Web page via Internet Explorer. Read more here.
This security update addresses a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. Read more here.
This security update resolves six vulnerabilities in Internet Explorer that were reported privately. The most serious vulnerabilities may allow remote code execution if a user views a specially crafted Web site via Internet Explorer. Read more here.
This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most serious of these may allow remote code execution if an attacker made a specially crafted SMB packet and sent it to an affected system. Read more here.
This security update resolves a privately reported vulnerability in Cinepak Codec, which may allow remote code execution if a user opens a specific media file or receives specially crafted streaming content from a Web site or any application that provides Web content. Read more here.
This security update addresses four Microsoft Office vulnerabilities that could allow remote code execution once a user opens a specially crafted .RTF email message. Read more here.
This security update addresses the Microsoft Office vulnerability that could allow remote code execution whenever a user opens a specially crafted Excel file. Read more here.
This security update addresses vulnerabilities in Microsoft Windows due to an error in processing buffer overflow. Read more here.
This security update addresses vulnerabilities in the Tracing Feature for Services that could allow elevation of privilege once an attacker runs a specially crafted application. Read more here.
This security update addresses two vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. Read more here.
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems.
Malware related to this vulnerability is already detected by the latest patterns of your Trend Micro product.
Microsoft addresses the following vulnerabilities in its July batch of patches:
This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003.
This security update resolves a publicly disclosed vulnerability in the Canonical Display Driver (cdd.dll). In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.
This security update resolves two privately reported vulnerabilities in Microsoft Office Access ActiveX Controls. The vulnerabilities could allow remote code execution if a user opened a specially crafted Office file or viewed a Web page that instantiated Access ActiveX controls.
This security update resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opened an attachment in a specially crafted e-mail message using an affected version of Microsoft Office Outlook.
Wing FTP Server 3.1.2 on a Windows environment is affected. Other versions may also be affected.
Microsoft addresses the following vulnerabilities in its June batch of patches:
This security update resolves two publicly disclosed vulnerabilities and one privately reported vulnerability in the Windows kernel-mode drivers. The vulnerabilities could allow elevation of privilege if a user views content rendered in a specially crafted TrueType font.
This security update resolves two privately reported vulnerabilities in Microsoft Windows. These vulnerabilities could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content.
This security update addresses two privately reported vulnerabilities for Microsoft software. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page that instantiates a specific ActiveX control with Internet Explorer.
This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer.
This security update resolves a privately reported vulnerability in COM validation in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel, Word, Visio, Publisher, or PowerPoint file with an affected version of Microsoft Office.
This security update resolves a privately reported vulnerability in the Windows OpenType Compact Font Format (CFF) driver. The vulnerability could allow elevation of privilege if a user views content rendered in a specially crafted CFF font.
This security update resolves fourteen privately reported vulnerabilities in Microsoft Office. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user.
This security update resolves one publicly disclosed and two privately reported vulnerabilities in Microsoft SharePoint. The most severe vulnerability could allow elevation of privilege if an attacker convinced a user of a targeted SharePoint site to click on a specially crafted link.
This security update resolves a privately reported vulnerability in Internet Information Services (IIS). An attacker who successfully exploited this vulnerability could take complete control of an affected system.
This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow data tampering in signed XML content without being detected.
This security update resolves a privately reported vulnerability in Outlook Express, Windows Mail, and Windows Live Mail. The vulnerability could allow remote code execution if a user visits a malicious e-mail server.
This security update resolves a privately reported vulnerability in Microsoft Visual Basic for Applications. The vulnerability could allow remote code execution if a host application opens and passes a specially crafted file to the Visual Basic for Applications runtime.
Following this month's Patch Tuesday release of Microsoft, multiple software vendors have also released patches for their own products. These companies include Adobe and Oracle.
Below is a summary of the patches released by these companies and the specific vulnerabilities they aim to address:
Trend Micro recommends that users apply these patches if the affected products are installed on their systems.
Java, on the other hand, has issued a document days before Patch Tuesday fully disclosing an error found in their toolkit. A patch for it is yet to be provided.
Users of Trend Micro Deep Security™ and Trend Micro OfficeScan™ are already protected against this vulnerability via the Intrusion Defense Firewall (IDF) plug-in. Make sure your systems are updated with the IDF rule number 1004091.
This security update resolves two privately reported vulnerabilities in Windows Authenticode Verification that could allow remote code execution. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
This security update resolves one publicly disclosed and several privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request.
This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application.
This security update resolves a publicly disclosed vulnerability in VBScript on Microsoft Windows that could allow remote code execution.
This security update resolves a privately reported vulnerability in Microsoft Office Publisher that could allow remote code execution if a user opens a specially crafted Publisher file.
This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Exchange and Windows SMTP Service.
This security update resolves a privately reported vulnerability in Windows Media Services running on Microsoft Windows 2000 Server.
This security update resolves a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file containing an MPEG Layer-3 audio stream.
This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site.
This security update resolves two privately reported vulnerabilities in Microsoft Office Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file.
This security update resolves one privately reported vulnerability in Microsoft Windows. This vulnerability could allow an attacker to spoof an IPv4 address so that it may bypass filtering devices that rely on the source IPv4 address.
The trigger to exploit these vulnerabilities is when a user, using a vulnerable version of Internet Explorer, visits or views a specially crafted webpage. Note that the impact is relative to the rights of the currently logged-on user: users who have administrative rights on a system are more highly impacted than those with few or no administrative rights.