This application requires Javascript for optimal performance.

Microsoft Security Bulletin for June 08, 2010

The table below lists the Microsoft vulnerabilities for June.
MS Bulletin Number Microsoft Bulletin TitleSeverityImpact of VulnerabilityAffected SoftwareCVE ID
MS10-033Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)CriticalRemote Code ExecutionMicrosoft Windows CVE-2010-1879
CVE-2010-1880
MS10-034Cumulative Security Update of ActiveX Kill Bits (980195)CriticalRemote Code ExecutionMicrosoft Windows CVE-2010-0252
CVE-2010-0811
MS10-035Cumulative Security Update for Internet Explorer (982381)CriticalRemote Code ExecutionMicrosoft Windows, Internet Explorer CVE-2010-1259
CVE-2010-1262
CVE-2010-0255
CVE-2010-1257
CVE-2010-1264
MS10-032Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)ImportantElevation of PrivilegeMicrosoft Windows CVE-2010-0485
CVE-2010-0484
CVE-2010-1255
MS10-036Vulnerability?in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235)ImportantRemote Code ExecutionMicrosoft Office CVE-2010-1263
MS10-037Vulnerability in the OpenType Compact Font Format (CFF)) Driver Could Allow Elevation of Privilege (980218)ImportantElevation of PrivilegeMicrosoft Windows CVE-2010-0819
MS10-038Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452)ImportantRemote Code ExecutionMicrosoft Office CVE-2010-0822
CVE-2010-0824
CVE-2010-1245
CVE-2010-1246
CVE-2010-1247
CVE-2010-1248
CVE-2010-1249
CVE-2010-1250
CVE-2010-1253
CVE-2010-1254
CVE-2010-0821
CVE-2010-0823
CVE-2010-1251
CVE-2010-1252
MS10-039Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)ImportantElevation of PrivilegeMicrosoft Office, Microsoft Server Software CVE-2010-0817
CVE-2010-1257
MS10-040Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)ImportantRemote Code ExecutionMicrosoft Windows CVE-2010-1256
MS10-041Vulnerability?in Microsoft .NET Framework Could Allow Tampering (981343)ImportantTamperingMicrosoft Windows, Microsoft .NET Framework CVE-2009-0217


Threat Remediation


Fortinet provides coverage on Microsoft vulnerabilities since Apr 01, 2010.

CVE NumberSignature Name
CVE-2010-0817MS.SharePoint.Server.Help.aspx.XSS
CVE-2010-0822MS.Excel.Object.LBSDropData.Stack.Overflow
CVE-2010-0824MS.Excel.WOpt.Record.Memory.Corruption
CVE-2010-1245MS.Excel.Sxview.Record.iCache.Memory.Corruption
CVE-2010-1246MS.Excel.RealTimeData.Record.StTopic.Memory.Corruption
CVE-2010-1247MS.Excel.RealTimeData.Record.IchSamePrefix.Memory.Corruption
CVE-2010-1248MS.Excel.HFPicture.Record.Length.Memory.Corruption
CVE-2010-1249MS.Excel.External.Name.Handling.Stack.Buffer.Overrun
CVE-2010-1250MS.Excel.EDG.Publisher.Code.Execution
CVE-2010-1253MS.Excel.DBQueryExt.Record.Memory.Corruption
CVE-2010-1259MS.IE.Stylesheet.Uninitialized.Memory.Corruption
CVE-2010-1262MS.IE.Stylesheet.Uninitialized.Memory.Corruption
CVE-2010-1879MS.Windows.Media.Decompression.Code.Execution
CVE-2010-0255MS.IE.History.Script.Injection
CVE-2010-0821MS.Excel.Sxview.Record.Colfirst.Memory.Corruption
CVE-2010-0823MS.Excel.StartObject.Pair.Memory.Corruption
[Previous Name: FG-VD-09-030-Microsoft]
CVE-2010-1251MS.Excel.BIFF5.LBL.Record.Stack.Corruption
CVE-2010-1252MS.Excel.BIFF5.String.Variable.Buffer.Overrun
CVE-2010-1880MS.Windows.MJPEG.Media.Decompression.Code.Execution
CVE-2009-0217XML.Signature.HMAC.Truncation.Authentication.Bypass
CVE-2010-1257MS.IE.SharePoint.toStaticHTML.XSS
CVE-2010-1264MS.Sharepoint.Help.Page.DoS
CVE-2010-0252MS.MSDA.ActiveX.Remote.Code.Execution
CVE-2010-0811MS.IE.Developer.Tools.ActiveX.Code.Execution

For more information on new and enhanced signatures, visit the IPS Service Update History. If you require more information, contact the FortiGuard Team using our Contact Us web page.


Document History


Revision DateVersion Number
Tuesday, June 08 20101Initial Documentation.


Reference: