Microsoft addresses the following vulnerabilities in its March batch of patches:
(MS10-016) Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)
This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003.
(MS10-017) Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)
This security update resolves seven privately reported vulnerabilities in Microsoft Office Excel.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.
Administrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.