Added support for February 2010 Microsoft security updates

The information in this article applies to:

• GFI LANguard 9.0
• GFI LANguard Network Security Scanner 8

Article ID: KBID003776

Query keywords: Patch Detection update, Security Updates

Support for the following Microsoft security updates have been released by GFI for GFI LANguard.
These updates will be automatically downloaded and added to your security vulnerability scanning database on your next restart of GFI LANguard.

New Security Updates Supported:

• MS10-015 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)
• MS10-014 - Vulnerability in Kerberos Could Allow Denial of Service (977290)
• MS10-013 - Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)
• MS10-012 - Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468)
• MS10-011 - Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)
• MS10-010 - Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894)
• MS10-009 - Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)
• MS10-008 - Cumulative Security Update of ActiveX Kill Bits (978262)
• MS10-007 - Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713)
• MS10-006 - Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)
• MS10-005 - Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706)
• MS10-004 - Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
• MS10-003 - Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214)

More Information:

MS10-015
Severity Rating: Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)

Description:

This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 for 32-bit Systems.

Included Updates:

• Security Update for Windows XP x64 Edition (KB977165)
• Security Update for Windows XP (KB977165)
• Security Update for Windows Vista for x64-based Systems (KB977165)
• Security Update for Windows Vista (KB977165)
• Security Update for Windows Server 2008 x64 Edition (KB977165)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB977165)
• Security Update for Windows Server 2008 (KB977165)
• Security Update for Windows Server 2003 x64 Edition (KB977165)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB977165)
• Security Update for Windows Server 2003 (KB977165)
• Security Update for Windows 7 (KB977165)
• Security Update for Windows 2000 (KB977165)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-015.mspx

MS10-014
Severity Rating: Important
Vulnerability in Kerberos Could Allow Denial of Service (977290)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a specially crafted ticket renewal request is sent to the Windows Kerberos domain from an authenticated user on a trusted non-Windows Kerberos realm. The denial of service could persist until the domain controller is restarted. This security update is rated Important for all supported editions of Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008.

Included Updates:

• Security Update for Windows Server 2008 x64 Edition (KB977290)
• Security Update for Windows Server 2008 (KB977290)
• Security Update for Windows Server 2003 x64 Edition (KB977290)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB977290)
• Security Update for Windows Server 2003 (KB977290)
• Security Update for Windows 2000 (KB977290)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-014.mspx

MS10-013
Severity Rating: Critical
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)

Description:

This security update resolves a privately reported vulnerability in Microsoft DirectShow. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported editions of Microsoft Windows except for all supported Itanium-based editions of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2, for which this security update is rated Important.

Included Updates:

• Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB975560)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB975560)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB975560)
• Security Update for Windows 2000 (KB975560)
• Security Update for DirectX 9 for Windows 2000 (KB975560)
• Security Update for Windows XP x64 Edition (KB977914)
• Security Update for Windows XP (KB977914)
• Security Update for Windows Server 2003 x64 Edition (KB977914)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB977914)
• Security Update for Windows Server 2003 (KB977914)
• Security Update for Windows 2000 (KB977914)
• Security Update for Windows XP x64 Edition (KB975560)
• Security Update for Windows XP (KB975560)
• Security Update for Windows Vista for x64-based Systems (KB975560)
• Security Update for Windows Vista (KB975560)
• Security Update for Windows Server 2008 x64 Edition (KB975560)
• Security Update for Windows Server 2008 R2 x64 Edition (KB975560)
• Security Update for Windows Server 2008 (KB975560)
• Security Update for Windows Server 2003 x64 Edition (KB975560)
• Security Update for Windows Server 2003 (KB975560)
• Security Update for Windows 7 for x64-based Systems (KB975560)
• Security Update for Windows 7 (KB975560)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-013.mspx

MS10-012
Severity Rating: Important
Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468)

Description:

This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities. This security update is rated Important for all supported editions of Microsoft Windows.

Included Updates:

• Security Update for Windows XP x64 Edition (KB971468)
• Security Update for Windows XP (KB971468)
• Security Update for Windows Vista for x64-based Systems (KB971468)
• Security Update for Windows Vista (KB971468)
• Security Update for Windows Server 2008 x64 Edition (KB971468)
• Security Update for Windows Server 2008 R2 x64 Edition (KB971468)
• Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB971468)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB971468)
• Security Update for Windows Server 2008 (KB971468)
• Security Update for Windows Server 2003 x64 Edition (KB971468)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB971468)
• Security Update for Windows Server 2003 (KB971468)
• Security Update for Windows 7 for x64-based Systems (KB971468)
• Security Update for Windows 7 (KB971468)
• Security Update for Windows 2000 (KB971468)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-012.mspx

MS10-011
Severity Rating: Important
Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not affected. The vulnerability could allow elevation of privilege if an attacker logs on to the system and starts a specially crafted application designed to continue running after the attacker logs out. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited by anonymous users. This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.

Included Updates:

• Security Update for Windows XP x64 Edition (KB978037)
• Security Update for Windows XP (KB978037)
• Security Update for Windows Server 2003 x64 Edition (KB978037)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB978037)
• Security Update for Windows Server 2003 (KB978037)
• Security Update for Windows 2000 (KB978037)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-011.mspx

MS10-010
Severity Rating: Important
Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894)

Description:

This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a malformed sequence of machine instructions is run by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to log on locally into a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users. This security update is rated Important for all supported x64-based editions of Windows Server 2008 and Windows Server 2008 R2.

Included Updates:

• Security Update for Windows Server 2008 x64 Edition (KB977894)
• Security Update for Windows Server 2008 R2 x64 Edition (KB977894)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-010.mspx

MS10-009
Severity Rating: Critical
Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)

Description:

This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if specially crafted packets are sent to a computer with IPv6 enabled. An attacker could try to exploit the vulnerability by creating specially crafted ICMPv6 packets and sending the packets to a system with IPv6 enabled. This vulnerability may only be exploited if the attacker is on-link. This security update is rated Critical for Windows Vista and Windows Server 2008.

Included Updates:

• Security Update for Windows Vista for x64-based Systems (KB974145)
• Security Update for Windows Vista (KB974145)
• Security Update for Windows Server 2008 x64 Edition (KB974145)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB974145)
• Security Update for Windows Server 2008 (KB974145)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-009.mspx

MS10-008
Severity Rating: Critical
Cumulative Security Update of ActiveX Kill Bits (978262)

Description:

This security update addresses a privately reported vulnerability for Microsoft software. This security update is rated Critical for all supported editions of Microsoft Windows 2000 and Windows XP, Important for all supported editions of Windows Vista and Windows 7, Moderate for all supported editions of Windows Server 2003, and Low for all supported editions of Windows Server 2008 and Windows Server 2008 R2.

Included Updates:

• Cumulative Security Update for ActiveX Killbits for Windows XP x64 Edition (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows XP (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Vista (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2008 x64 Edition (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2008 R2 x64 Edition (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2008 R2 for Itanium-based Systems (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2008 for Itanium-based Systems (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2008 (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2003 x64 Edition (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2003 for Itanium-based Systems (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows Server 2003 (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows 7 (KB978262)
• Cumulative Security Update for ActiveX Killbits for Windows 2000 (KB978262)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-008.mspx

MS10-007
Severity Rating: Critical
Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not impacted by this security update. The vulnerability could allow remote code execution if an application, such as a Web browser, passes specially crafted data to the ShellExecute API function through the Windows Shell Handler. This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.

Included Updates:

• Security Update for Windows XP x64 Edition (KB975713)
• Security Update for Windows XP (KB975713)
• Security Update for Windows Server 2003 x64 Edition (KB975713)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB975713)
• Security Update for Windows Server 2003 (KB975713)
• Security Update for Windows 2000 (KB975713)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-007.mspx

MS10-006
Severity Rating: Critical
Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)

Description:

This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a malicious SMB server. This security update is rated Critical for Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows 7, and Windows Server 2008 R2, and is rated Important for Windows Vista and Windows Server 2008.

Included Updates:

• Security Update for Windows XP x64 Edition (KB978251)
• Security Update for Windows XP (KB978251)
• Security Update for Windows Vista for x64-based Systems (KB978251)
• Security Update for Windows Vista (KB978251)
• Security Update for Windows Server 2008 x64 Edition (KB978251)
• Security Update for Windows Server 2008 R2 x64 Edition (KB978251)
• Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB978251)
• Security Update for Windows Server 2008 for Itanium-based Systems (KB978251)
• Security Update for Windows Server 2008 (KB978251)
• Security Update for Windows Server 2003 x64 Edition (KB978251)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB978251)
• Security Update for Windows Server 2003 (KB978251)
• Security Update for Windows 7 for x64-based Systems (KB978251)
• Security Update for Windows 7 (KB978251)
• Security Update for Windows 2000 (KB978251)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-006.mspx

MS10-005
Severity Rating: Moderate
Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706)

Description:

This security update resolves a privately reported vulnerability in Microsoft Paint. The vulnerability could allow remote code execution if a user viewed a specially crafted JPEG image file using Microsoft Paint. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Moderate for Microsoft Windows 2000, Windows XP, and Windows Server 2003.

Included Updates:

• Security Update for Windows XP x64 Edition (KB978706)
• Security Update for Windows XP (KB978706)
• Security Update for Windows Server 2003 x64 Edition (KB978706)
• Security Update for Windows Server 2003 for Itanium-based Systems (KB978706)
• Security Update for Windows Server 2003 (KB978706)
• Security Update for Windows 2000 (KB978706)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-005.mspx

MS10-004
Severity Rating: Important
Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)

Description:

This security update resolves six privately reported vulnerabilities in Microsoft Office PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for supported editions of Microsoft Office PowerPoint 2002 and Microsoft Office PowerPoint 2003, and Microsoft Office 2004 for Mac.

Included Updates:

• Security Update for Microsoft PowerPoint 2002 (KB973143)
• Security Update for Microsoft Office PowerPoint 2003 (KB976881)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-004.mspx

MS10-003
Severity Rating: Important
Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214)

Description:

This security update resolves a privately reported vulnerability in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for all supported editions of Microsoft Office XP and Microsoft Office 2004 for Mac.

Included Updates:

• Security Update for Microsoft Office XP (KB977896)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS10-003.mspx

Note

• The above patches may not be supported on all Operating System or product languages. A list of languages supported by GFI LANguard is found at: http://kbase.gfi.com/showarticle.asp?id=KBID002517
  
  
• A list of bulletins supported by GFI LANguard can be found in the following page:
  http://www.gfi.com/lannetscan/msfullreport.htm