Tuesday, March 9, 2010

Microsoft Patch Tuesday for March 2010

Microsoft has taken pity on us and released only two patches this month. This duo of fixes is associated with 8 CVEs.

MS10-016 maps to CVE-2010-265 and impacts Windows Movie Maker. No big deal there, so move this down your prioritization list.

MS10-017 involves a bunch of CVEs related to Microsoft Excel, but there are no known exploits in the wild at this time. This is a wide-ranging vulnerability, affecting all versions of Excel, Office 2004 and Office 2008 for Mac, the Open XML File Format Converter for Mac, Excel viewer, and SharePoint 2007. As is typical, a user would need to open a specially-crafted malicious file in order to get into trouble, but we all know that users click on anything that drops into their inbox, so patch this one sooner rather than later.

The Microsoft Security Response Center blog entry has more details, and the advisory can be found here.

No comments:

Post a Comment

Please tell me what you think.