Microsoft Security Bulletins for
= Check Point has provided a protection to this bulletin
Microsoft Security Bulletin MS10-002:
Cumulative Security Update for Internet Explorer (978207)
Severity: Critical
CVE-2009-4074: XSS Filter Script Handling Vulnerability
An XSS filter bypass vulnerability exists in the way that Internet Explorer 8 disables an HTML attribute in otherwise appropriately filtered HTTP response data. The vulnerability could allow initially disabled scripts to run in the wrong security context, leading to information disclosure.
- Check Point Response
- IPS research teams are studying this vulnerability and may issue a protection at a later date.
CVE-2010-0027: URL Validation Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer incorrectly validates input. An attacker could exploit the vulnerability by constructing a specially crafted URL. When a user clicks the URL, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Check Point Response
- IPS research teams are studying this vulnerability and may issue a protection at a later date.
CVE-2010-0244: Uninitialized Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Check Point Response
- Update Protection against Microsoft Internet Explorer Table Operations Memory Corruption Vulnerability (MS10-002) Release Date:
CVE-2010-0245: Uninitialized Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Check Point Response
- Preemptive Protection against Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerabilities (MS10-002) Release Date:
CVE-2010-0246: Uninitialized Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Check Point Response
- Preemptive Protection against Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerabilities (MS10-002) Release Date:
CVE-2010-0247: Uninitialized Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Check Point Response
- Update Protection against Microsoft Internet Explorer DOM Operations Handling Memory Corruption Vulnerability (MS10-002) Release Date:
CVE-2010-0248: HTML Object Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Check Point Response
- Update Protection against Microsoft Internet Explorer Event Operations HTML Object Memory Corruption Vulnerability (MS10-002) Release Date:
CVE-2010-0249: HTML Object Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Check Point Response
- Preemptive Protection against Microsoft Internet Explorer Invalid Pointer Reference Remote Code Execution Vulnerability (MS10-002) Release Date:
CVE-2010-0249: HTML Object Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Check Point Response
- Update Protection against Microsoft Internet Explorer Invalid Pointer Reference Remote Code Execution Vulnerability (MS10-002) Release Date:
Microsoft Security Bulletin MS10-001:
Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270)
Severity: Critical
CVE-2010-0018: Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability
A remote code execution vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) Font Engine decompresses specially crafted EOT fonts. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- Check Point Response
- Workaround for Microsoft Embedded OpenType Font Heap Overflow Vulnerability (MS10-001) Release Date: