The following is a breakdown from Symantec of the “Critical” issues being addressed this month: 1. MS10-019 Vulnerabilities in Windows Could Allow Remote Code Execution (981210) CVE-2010-0486 (
BID 39328)
Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1) A remote code execution vulnerability affects the Windows Authenticode Signature Verification function when signing and verifying PE or cabinet files. An attacker can exploit this issue by tricking an unsuspecting victim into running a signed PE or cabinet file. Successful exploits will result in the execution of arbitrary attacker-supplied code in the context in which the application was run. Possibly aiding in a complete system compromise.
Affects: Authenticode Signature Verification 6.0 and 6.1
CVE-2010-0487 (
BID 39332)
Microsoft Windows Cabinet File Viewer Cabview Validation Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1) A remote code execution vulnerability affects the Windows Authenticode Signature Verification for ‘.cab’ file formats. An attacker can exploit this issue by tricking an unsuspecting victim into running a signed PE or cabinet file. Successful exploits will result in the execution of arbitrary attacker-supplied code in the context in which the application was run. Possibly aiding in a complete system compromise.
Affects: Cabinet File Viewer Shell Extension 6.0 and 6.1
2. MS10-020 Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232) CVE-2010-0269 (
BID 39312)
Microsoft Windows SMB Client Memory Allocation Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.8) A remote code-execution vulnerability affects the SMB client due to a memory allocation issue. An attacker can exploit this issue by tricking an unsuspecting victim into connecting to a malicious SMB server. A successful exploit will result in the execution of arbitrary attacker-supplied code with SYSTEM-level privileges.
Affects: Microsoft Windows 2000 SP4, Windows XP SP2, Windows XP SP3, Windows XP Professional x64 Edition SP2, Windows Server 2003 SP2, Windows Server 2003 x64 Edition SP2, Windows Server 2003 with SP2 for Itanium-based Systems, Windows Vista, Windows Vista SP1, Windows Vista SP2, Windows Vista x64 Edition, Windows Vista x64 Edition SP1, Windows Vista x64 Edition SP2, Windows Server 2008 for 32-bit Systems, Windows Server 2008 for 32-bit Systems SP2, Windows Server 2008 for x64-based Systems, Windows Server 2008 for x64-based Systems SP2, Windows Server 2008 for Itanium-based Systems, Windows Server 2008 for Itanium-based Systems SP2, Windows 7 for 32-bit Systems, Windows 7 for x64-based Systems, Windows Server 2008 R2 for x64-based Systems, and Windows Server 2008 R2 for Itanium-based Systems
CVE-2010-0270 (
BID 39339)
Microsoft Windows SMB Client Transaction Response Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.8) A remote code-execution vulnerability affects the SMB client because it improperly validates fields in an SMB response. An attacker can exploit this issue by tricking an unsuspecting victim into connecting to a malicious SMB server. A successful exploit will result in the execution of arbitrary attacker-supplied code with SYSTEM-level privileges.
Affects: Windows 7 for 32-bit Systems, Windows 7 for x64-based Systems, Windows Server 2008 R2 for x64-based Systems, and Windows Server 2008 R2 for Itanium-based Systems
CVE-2010-0476 (
BID 39336)
Microsoft Windows SMB Client Response Parsing Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.8) A remote code-execution vulnerability affects the SMB client because of how it parses SMB transaction responses. An attacker can exploit this issue by tricking an unsuspecting victim into connecting to a malicious SMB server. A successful exploit will result in the execution of arbitrary attacker-supplied code with SYSTEM-level privileges.
Affects: Windows Server 2003 SP2, Windows Server 2003 x64 Edition SP2, Windows Server 2003 with SP2 for Itanium-based Systems, Windows Vista, Windows Vista SP1, Windows Vista SP2, Windows Vista x64 Edition, Windows Vista x64 Edition SP1, Windows Vista x64 Edition SP2, Windows Server 2008 for 32-bit Systems, Windows Server 2008 for 32-bit Systems SP2, Windows Server 2008 for x64-based Systems, Windows Server 2008 for x64-based Systems SP2, Windows Server 2008 for Itanium-based Systems, Windows Server 2008 for Itanium-based Systems SP2, Windows 7 for 32-bit Systems, Windows 7 for x64-based Systems, Windows Server 2008 R2 for x64-based Systems, and Windows Server 2008 R2 for Itanium-based Systems
CVE-2010-0477 (
BID 39340)
Microsoft Windows SMB Client Message Size Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.8) A remote code-execution vulnerability affects the SMB client because of how it handles malformed SMB responses. An attacker can exploit this issue by tricking an unsuspecting victim into connecting to a malicious SMB server. A successful exploit will result in the execution of arbitrary attacker-supplied code with SYSTEM-level privileges.
Affects: Windows 7 for 32-bit Systems, Windows 7 for x64-based Systems, Windows Server 2008 R2 for x64-based Systems, and Windows Server 2008 R2 for Itanium-based Systems
3. MS10-025 Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) CVE-2010-0478 (
BID 39356)
Microsoft Windows Media Service Transport Information Packet Stack Buffer Overflow Vulnerability (MS Rating: Critical / Symantec Rating: 7.5) A remote code execution vulnerability affects Microsoft Windows when running the optional Windows Media Services component when handling specially crafted transport information packets. An attacker can exploit this issue by sending a malicious packet to an affected computer. Successful exploits will result in the execution of arbitrary attacker-supplied code with SYSTEM-level privileges.
Affects: Microsoft Windows 2000 SP4
4. MS10-026 Vulnerability in Microsoft DirectShow Could Cause Remote Code Execution (977816) CVE-2010-0480 (
BID 39303)
Microsoft Windows MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability (MS Rating: Critical / Symantec Rating: 7.1) A remote code-execution vulnerability affects the Microsoft MPEG Layer-3 codecs when handling a specially crafted AVI media file. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious AVI file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.
Affects: MPEG Layer-3 Codec for Microsoft DirectShow
5. MS10-027 Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402) CVE-2010-0268 (
BID 39351)
Microsoft Windows Media Player ActiveX Control Remote Code Execution Vulnerability (MS Rating: Critical / Symantec Rating: 7.1) A remote code-execution vulnerability affects the Media Player ActiveX control. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a specially crafted web page.
Affects: Media Player 9