Microsoft Security Bulletins

Microsoft Security Content: Comprehensive Edition

MS10-017 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150) - Version:1.1

Wed, 03/10/2010 - 09:00
Severity Rating: Important
Revision Note: V1.1 (March 10, 2010): Corrected the severity table to list Microsoft Office Excel 2003 as affected by CVE-2010-0262. Corrected the package file name for Excel 2007. Also corrected the list of affected software in the Executive Summary. These are informational changes only. Customers who have successfully updated their systems do not need to take further action.
Summary: This security update resolves seven privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Categories: Microsoft

Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution

Wed, 03/10/2010 - 09:00
Revision Note: V1.1 (March 10, 2010): Restated the mitigation concerning the e-mail vector. Added a new workaround for disabling the peer factory class in iepeers.dll.
Summary: Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7. Our investigation has shown that the latest version of the browser, Internet Explorer 8, is not affected. The main impact of the vulnerability is remote code execution. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.
Categories: Microsoft

Microsoft Security Bulletin Summary for March 2010

Tue, 03/09/2010 - 09:00
Revision Note: V1.0 (March 9, 2010): Bulletin Summary published.
Summary: This bulletin summary lists security bulletins released for March 2010.
Categories: Microsoft

MS10-016 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561) - Version:1.0

Tue, 03/09/2010 - 09:00
Severity Rating: Important
Revision Note: V1.0 (March 9, 2010): Bulletin published.
Summary: This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and persuaded the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Categories: Microsoft

MS09-033 - Important: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856) - Version:2.0

Tue, 03/09/2010 - 09:00
Severity Rating: Important
Revision Note: V2.0 (March 9, 2010): Rereleased this bulletin to add Microsoft Virtual Server 2005 to affected software. No other update packages are affected by this rerelease.
Summary: This security update resolves a privately reported vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Categories: Microsoft

Microsoft Security Advisory (973811): Extended Protection for Authentication

Tue, 03/09/2010 - 09:00
Revision Note: V1.3 (March 9, 2010): Updated the FAQ to announce the rerelease of the update that enables Internet Information Services to opt in to Extended Protection for Authentication. For more information, see Known issues in Microsoft Knowledge Base Article 973917.
Summary: Microsoft is announcing the availability of a new feature, Extended Protection for Authentication, on the Windows platform. This feature enhances the protection and handling of credentials when authenticating network connections using Integrated Windows Authentication (IWA).
Categories: Microsoft

Microsoft Security Bulletin Summary for July 2009

Tue, 03/09/2010 - 09:00
Revision Note: V8.0 (March 9, 2010): Revised to add Microsoft Virtual Server 2005 to affected software for MS09-033.
Summary: This bulletin summary lists security bulletins released for July 2009.
Categories: Microsoft

Microsoft Security Bulletin Advance Notification for March 2010

Thu, 03/04/2010 - 09:00
Revision Note: Advance Notification published.
Summary: This advance notification lists security bulletins to be released for March 2010.
Categories: Microsoft

MS10-015 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165) - Version:1.2

Tue, 03/02/2010 - 09:00
Severity Rating: Important
Revision Note: V1.2 (March 2, 2010): Added an item to the Frequently Asked Questions (FAQ) About this Security Update to announce the offering of revised packages on Windows Update. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.
Categories: Microsoft

Microsoft Security Advisory (981169): Vulnerability in VBScript Could Allow Remote Code Execution

Mon, 03/01/2010 - 09:00
Revision Note: V1.0 (March 1, 2010): Advisory published.
Summary: Microsoft is investigating new public reports of a possible vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008. The main impact of the vulnerability is remote code execution. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.
Categories: Microsoft

MS08-036 - Important: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762) - Version:1.1

Wed, 02/17/2010 - 09:00
Severity Rating: Important
Revision Note: V1.1 (February 17, 2010): Added a link to Microsoft Knowledge Base Article 950762 under Known Issues in the Executive Summary.
Summary: This security update resolves two privately reported vulnerabilities in the Pragmatic General Multicast (PGM) protocol that could allow a denial of service if malformed PGM packets are received by an affected system. An attacker who successfully exploited this vulnerability could cause a user’s system to become non-responsive and to require a restart to restore functionality. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.
Categories: Microsoft

MS09-060 - Critical: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965) - Version:1.5

Wed, 02/17/2010 - 09:00
Severity Rating: Critical
Revision Note: V1.5 (February 17, 2010): Corrected the MBSA detection entries for Microsoft Office Outlook 2007 and Microsoft Office Visio Viewer 2007. This is an information change only. There were no changes to the security update files or detection logic.
Summary: This security update resolves several privately reported vulnerabilities in ActiveX Controls for Microsoft Office that were compiled with a vulnerable version of Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Categories: Microsoft

Microsoft Security Bulletin Summary for February 2010

Wed, 02/10/2010 - 09:00
Revision Note: V1.1 (February 10, 2010): Corrected restart requirements for MS10-005.
Summary: This bulletin summary lists security bulletins released for February 2010.
Categories: Microsoft

MS10-013 - Critical: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935) - Version:1.1

Wed, 02/10/2010 - 09:00
Severity Rating: Critical
Revision Note: V1.1 (February 10, 2010): Corrected the bulletin replacement for the Quartz (KB975560) update package. Corrected the restart requirements for the update on all platforms except Microsoft Windows 2000 and Windows Server 2008. Changed the Systems Management Server table entries for SMS 2003 with ITMU for Windows 7 and Windows Server 2008 R2. Finally, corrected the verification registry key for all supported x64-based editions of Windows XP. These are informational changes only. There were no changes to the security update files or detection logic.
Summary: This security update resolves a privately reported vulnerability in Microsoft DirectShow. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Categories: Microsoft

MS10-012 - Important: Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468) - Version:1.1

Wed, 02/10/2010 - 09:00
Severity Rating: Important
Revision Note: V1.1 (February 10, 2010): Corrected the FAQ for SMB Null Pointer Vulnerability - CVE-2010-0022 to reflect that the vulnerability was responsibly disclosed. Changed the Systems Management Server table entries for SMS 2003 with ITMU for Windows 7 and Windows Server 2008 R2. Corrected the verification registry key for all supported x64-based editions of Windows XP. These are informational changes only. There were no changes to the security update files or detection logic.
Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities.
Categories: Microsoft

MS10-011 - Important: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037) - Version:1.1

Wed, 02/10/2010 - 09:00
Severity Rating: Important
Revision Note: V1.1 (February 10, 2010): Corrected the verification registry key for all supported x64-based editions of Windows XP. This is an informational change only.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows Client/Server Run-time Subsystem (CSRSS). The vulnerability could allow elevation of privilege if an attacker logs on to the system and starts a specially crafted application designed to continue running after the attacker logs out. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.
Categories: Microsoft

MS10-010 - Important: Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894) - Version:1.1

Wed, 02/10/2010 - 09:00
Severity Rating: Important
Revision Note: V1.1 (February 10, 2010): Changed the Systems Management Server table entry for SMS 2003 with ITMU for Windows Server 2008 R2. This is an informational change only. There were no changes to the security update files or detection logic.
Summary: This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a malformed sequence of machine instructions is run by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to log on locally into a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
Categories: Microsoft

MS10-009 - Critical: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145) - Version:1.1

Wed, 02/10/2010 - 09:00
Severity Rating: Critical
Revision Note: V1.1 (February 10, 2010): Corrected the command-line information for the Disable the "Core Networking - Router Advertisement (ICMPv6-In)" inbound firewall rule workaround. This is an informational change only.
Summary: This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if specially crafted packets are sent to a computer with IPv6 enabled. An attacker could try to exploit the vulnerability by creating specially crafted ICMPv6 packets and sending the packets to a system with IPv6 enabled. This vulnerability may only be exploited if the attacker is on-link.
Categories: Microsoft

MS10-008 - Critical: Cumulative Security Update of ActiveX Kill Bits (978262) - Version:1.1

Wed, 02/10/2010 - 09:00
Severity Rating: Critical
Revision Note: V1.1 (February 10, 2010): Added the "Is this control installed by default in Microsoft Office?" entry to the vulnerability FAQ for CVE-2010-0252. Changed entries in the Systems Management Server table for SMS 2003 with ITMU for Windows 7 and Windows Server 2008 R2. These are informational changes only.
Summary: This security update addresses a privately reported vulnerability for Microsoft software. This security update is rated Critical for all supported editions of Microsoft Windows 2000 and Windows XP, Important for all supported editions of Windows Vista and Windows 7, Moderate for all supported editions of Windows Server 2003, and Low for all supported editions of Windows Server 2008 and Windows Server 2008 R2.
Categories: Microsoft

MS10-006 - Critical: Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251) - Version:1.1

Wed, 02/10/2010 - 09:00
Severity Rating: Critical
Revision Note: V1.1 (February 10, 2010): Changed entries in the Systems Management Server table for SMS 2003 with ITMU for Windows 7 and Windows Server 2008 R2. This is an informational change only. There were no changes to the security update files or detection logic.
Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a malicious SMB server.
Categories: Microsoft
