Microsoft issued four security bulletins yesterday fixing vulnerabilities in:
— Microsoft Windows Help and SupportCenter (MS10-042)
— Microsoft Windows Canonical Display Driver (cdd.dll) (MS10-043)
— Microsoft Office Access ActiveX Controls (MS10-044)
— Microsoft Office Outlook (MS10-045)
The vulnerability in Help and SupportCenter, (MS10-042), was in the news last month when a researcher released proof of concept code which malicious operators then exploited. The vulnerability allowed execution of code from a malicious Web page or malicious link in an e-mail
Microsoft summary here.
The monthly updates also mark the end of Microsoft’s support for Windows XP Service Pack 2. Users should upgrade to XP SP3 or Win 7.
Tom Kelchner