Added support for January 2010 Microsoft security updates

The information in this article applies to:

• GFI LANguard 9.0
• GFI LANguard Network Security Scanner 8

Article ID: KBID003724

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates have been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.

New Security Updates Supported:

• MS10-001 - Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270)

More Information:

MS10-001
Severity Rating: Critical
Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font in client applications that can render EOT fonts, such as Microsoft Internet Explorer, Microsoft Office PowerPoint, or Microsoft Office Word. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Microsoft Windows 2000, and is rated Low for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Included Updates:

• Security Update for Windows 7 (KB972270)
• Security Update for Windows 7 for x64-based Systems (KB972270)
• Security Update for Windows Vista (KB972270)
• Security Update for Windows Vista for x64-based Systems (KB972270)
• Security Update for Windows Server 2008 (KB972270)
• Security Update for Windows Server 2008 x64 Edition (KB972270)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB972270)
• Security Update for Windows Server 2008 R2 x64 Edition (KB972270)
• Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB972270)
• Security Update for Windows Server 2003 (KB972270)
• Security Update for Windows Server 2003 x64 Edition (KB972270)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB972270)
• Security Update for Windows XP (KB972270)
• Security Update for Windows XP x64 Edition (KB972270)
• Security Update for Windows 2000 (KB972270)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-001.mspx

Note

• The above patches may not be supported on all Operating System or product languages. A list of languages supported by GFI LANguard is found at: http://kbase.gfi.com/showarticle.asp?id=KBID002517
  
  
• A list of bulletins supported by GFI LANguard can be found in the following page:
  http://www.gfi.com/lannetscan/msfullreport.htm