Severity Rating: Critical - Revision Note: V1.4 (July 21, 2010): Corrected the value of the dword associated with enabling the defense-in-depth protection in the section, Frequently Asked Questions (FAQ) Related to This Security Update. Users who previously enabled the defense-in-depth protection against the blended threat issue should verify their environment is using the correct dword value.Summary: This security update resolves four privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer or if a user connects to an attacker's server by way of the HTTP protocol. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Revision Note: V1.2 (July 20, 2010): Clarified the vulnerability exploit description and updated the workarounds.Summary: Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as well as workarounds and mitigations for this issue.

Revision Note: V1.1 (July 14, 2010): Removed erroneous reference to Windows Embedded Standard 7 for MS10-043.Summary: This bulletin summary lists security bulletins released for July 2010.

Severity Rating: Important - Revision Note: V1.1 (July 14, 2010): Added a link to Microsoft Knowledge Base Article 978212 under Known Issues in the Executive Summary.Summary: This security update resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opened an attachment in a specially crafted e-mail message using an affected version of Microsoft Office Outlook. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Severity Rating: Critical - Revision Note: V1.1 (July 14, 2010): Added a link to Microsoft Knowledge Base Article 982335 under Known Issues in the Executive Summary.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Office Access ActiveX Controls. The vulnerabilities could allow remote code execution if a user opened a specially crafted Office file or viewed a Web page that instantiated Access ActiveX controls. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Severity Rating: Critical - Revision Note: V1.1 (July 14, 2010): Added an entry to the update FAQ to provide guidance for Windows 7 Service Pack 1 Beta and Windows Server 2008 R2 Service Pack 1 Beta releases. Also removed erroneous references to Windows Embedded Standard 7.Summary: This security update resolves a publicly disclosed vulnerability in the Canonical Display Driver (cdd.dll). Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomization. In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.

Revision Note: V4.0 (July 13, 2010): Revised to offer the rereleased security update for Windows Server 2008 and Windows Server 2008 R2 for MS10-024.Summary: This bulletin summary lists security bulletins released for April 2010.

Severity Rating: Critical - Revision Note: V1.0 (July 13, 2010): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message.

Severity Rating: Important - Revision Note: V2.0 (July 13, 2010): Rereleased bulletin to reoffer the updates for Windows Server 2008 and Windows Server 2008 R2 to address the known issue listed in KB 976323.Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Exchange and Windows SMTP Service. The more severe of these vulnerabilities could allow denial of service if an attacker sent a specially crafted DNS response to a computer running the SMTP service. By default, the SMTP component is not installed on Windows Server 2003, Windows Server 2003 x64 Edition, or Windows XP Professional x64 Edition.

Severity Rating: Important - Revision Note: V1.1 (July 13, 2010): Added an entry in the Update FAQ to announce a detection change to the update for Windows 7 for 32-bit Systems. This is a detection change only. There were no changes to the security update files in this bulletin. Customers who have already installed the update successfully do not need to reinstall.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users.

Severity Rating: Important - Revision Note: V1.4 (July 13, 2010): Revised this bulletin to announce an installation logic change to the updates for Microsoft .NET Framework 1.1 Service Pack 1 (KB979906) and Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1 (KB979909). This is an installation logic change only that does not affect the update files contained in the initial update. Customers who have successfully updated their systems do not need to reinstall this update.Summary: This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow data tampering of signed XML content without being detected. In custom applications, the security impact depends on how the signed content is used in the specific application. Scenarios in which signed XML messages are transmitted over a secure channel (such as SSL) are not affected by this vulnerability.

Severity Rating: Important - Revision Note: V1.1 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 971032 under Known Issues in the Executive Summary.Summary: This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually install the Message Queuing component are likely to be vulnerable to this issue.

Severity Rating: Important - Revision Note: V1.2 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 2027452 under Known Issues in the Executive Summary.Summary: This security update resolves fourteen privately reported vulnerabilities in Microsoft Office. The more severe vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Severity Rating: Important - Revision Note: V1.1 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 982666 under Known Issues in the Executive Summary to address the issue where specific installations of IIS fail on restart after installing this security update.Summary: This security update resolves a privately reported vulnerability in Internet Information Services (IIS). The vulnerability could allow remote code execution if a user received a specially crafted HTTP request. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Severity Rating: Critical - Revision Note: V1.3 (June 23, 2010): Corrected the verification registry keys for Quartz.dll (DirectShow), Asycfilt.dll (COM component), and Windows Media Format Runtime 9.5 on Windows XP Professional x64 Edition Service Pack 2.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. These vulnerabilities could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Severity Rating: Important - Revision Note: V2.2 (June 23, 2010): Corrected installation switches for Movie Maker 6.0 on Windows Vista and removal information for Movie Maker 2.6 on Windows Vista and Windows 7.Summary: This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Severity Rating: Critical - Revision Note: V1.1 (June 22, 2010): Revised this bulletin to announce a detection logic change to fix a reoffer issue with MPEG Layer-3 codecs on Microsoft Windows 2000 Service Pack 4. This is a detection change only that does not affect the files contained in the initial update. Customers who have successfully updated their systems do not need to reinstall this update.Summary: This security update resolves a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file containing an MPEG Layer-3 audio stream. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Revision Note: V4.2 (June 22, 2010): Removed .NET Framework 1.1 Service Pack 1 as an affected component on Windows 7 and Windows Server 2008 R2 for MS09-061.Summary: This bulletin summary lists security bulletins released for October 2009.

Severity Rating: Critical - Revision Note: V1.4 (June 22, 2010): Removed .NET Framework 1.1 Service Pack 1 as an affected component on Windows 7 and Windows Server 2008 R2.Summary: This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications, or if an attacker succeeds in persuading a user to run a specially crafted Microsoft .NET application. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and executing it, as could be the case in a Web hosting scenario. Microsoft .NET applications, Silverlight applications, XBAPs and ASP.NET pages that are not malicious are not at risk of being compromised because of this vulnerability.

Severity Rating: Important - Revision Note: V1.1 (June 16, 2010): Corrected the update file name for Microsoft Office Word 2007 in the Security Update Deployment section. Also added an entry to the update FAQ to explain why the update may be offered even when none of the affected software is present on the system.Summary: This security update resolves a privately reported vulnerability in COM validation in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel, Word, Visio, Publisher, or PowerPoint file with an affected version of Microsoft Office. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.