Microsoft issued four security bulletins yesterday fixing vulnerabilities in:
— Microsoft Windows Help and SupportCenter (MS10-042)
— Microsoft Windows Canonical Display Driver (cdd.dll) (MS10-043)
— Microsoft Office Access ActiveX Controls (MS10-044)
— Microsoft Office Outlook (MS10-045)
The vulnerability in Help and SupportCenter, (MS10-042), was in the news last month when a researcher released proof of concept code which malicious operators then exploited. The vulnerability allowed execution of code from a malicious Web page or malicious link in an e-mail
Microsoft summary here.
The monthly updates also mark the end of Microsoft’s support for Windows XP Service Pack 2. Users should upgrade to XP SP3 or Win 7.