| Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for the following 29 vulnerabilities spread across 9 security bulletins included in the December 2010 Microsoft patch cycle. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections as necessary. |
| MS10-090 – Cumulative Security Update for Internet Explorer (2416400) |
Severity: Critical
Affected Software
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
|
| CVE-2010-3340 - HTML Object Memory Corruption Vulnerability |
| Description: A use after free error exists on Internet Explorer 6/7, which could lead to code execution. |
| CVE-2010-3343 - HTML Object Memory Corruption Vulnerability |
| Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. |
| CVE-2010-3345 - HTML Element Memory Corruption Vulnerability |
| Description: A memory corruption vulnerability when handling elements may lead to remote code execution. |
| CVE-2010-3346 - HTML Element Memory Corruption Vulnerability |
| Description: A memory corruption vulnerability exists when handling HTML+Time, that could lead to a crash or possible remote code execution |
| CVE-2010-3962 - Uninitialized Memory Corruption Vulnerability |
| Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. |
| MS10-091 – Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Remote Code Execution (2296199) |
Severity: Critical
Affected Software
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
|
| CVE-2010-3956 - OpenType Font Index Vulnerability |
| Description: A font index vulnerability in the ATMFD Adobe font driver included in Windows could lead to code execution when parsing a malicious font file. |
| CVE-2010-3957 - OpenType Font Double Free Vulnerability |
| Description: A double free vulnerability in the ATMFD Adobe font driver included in Windows could lead to code execution when parsing a malicious font file. |
| CVE-2010-3959 - OpenType CMAP Table Vulnerability |
| Description: A vulnerability in the ATMFD Adobe font driver included in Windows could lead to code execution when parsing a malicious font file. |
| MS10-092 – Vulnerability in Task Scheduler could allow for Elevation of Privilege (2305420) |
Severity: Important
Affected Software
- Windows Vista
- Windows Server 2008
- Windows 7
|
| CVE-2010-3338 - Task Scheduler Vulnerability |
| Description: A local vulnerability in the Windows task scheduler can lead to code execution in SYSTEM context. |
| MS10-098 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673) |
Severity: Important
Affected Software
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
|
| CVE-2010-3940 - Win32k PFE Pointer Double Free Vulnerability |
| Description: An elevation of privilege vulnerability exists due to the way that the Windows kernel-mode drivers free objects that are no longer in use. |
| CVE-2010-3941 - Win32k Double Free Vulnerability |
| Description: An elevation of privilege vulnerability exists due to the way that the Windows kernel-mode drivers free objects that are no longer in use. |
| CVE-2010-3942 - Win32k WriteAV Vulnerability |
| Description: An elevation of privilege vulnerability exists in the way that Windows kernel-mode drivers improperly allocate memory when copying data from user mode. |
| CVE-2010-3943 - Win32k Cursor Linking Vulnerability |
| Description: An elevation of privilege vulnerability exists due to the way that Windows Kernel-mode drivers manage kernel-mode driver objects. |
| CVE-2010-3944 - Win32k Memory Corruption Vulnerability |
| Description: An elevation of privilege vulnerability exists in the way that the Windows kernel-mode drivers improperly validate input passed from user mode. |
| MS10-099 – Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591) |
Severity: Important
Affected Software
- Windows XP
- Windows Server 2003
|
| CVE-2010-3963 - Kernel NDProxy Buffer Overflow Vulnerability |
| Description: An elevation of privilege vulnerability exists in the Routing and Remote Access NDProxy component of the Windows kernel due to improper validation of input passed from user mode to the kernel. |
| MS10-100 – Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962) |
Severity: Important
Affected Software
- Windows Vista
- Windows Server 2008
- Windows 7
|
| CVE-2010-3961 - Consent UI Impersonation Vulnerability |
| Description: An elevation of privilege vulnerability exists in the way that the Consent User Interface (UI) improperly processes special values read from the registry. |
| MS10-103 – Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (2292970) |
Severity: Important
Affected Software
- Microsoft Office XP
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2010
|
| CVE-2010-2569 - Size Value Heap Corruption Vulnerability in pubconv.dll |
| Description: A remote vulnerability in Publisher could cause heap corruption, resulting in arbitrary code execution. |
| CVE-2010-2570 - Heap Overrun Vulnerability in pubconv.dll |
| Description: A remote vulnerability in Publisher could cause a heap overflow, resulting in arbitrary code execution. |
| CVE-2010-2571 - Memory Corruption Due To Invalid Index Into Array in Pubconv.dll |
| Description: A remote vulnerability in Publisher could cause an integer overflow, resulting in arbitrary code execution. |
| CVE-2010-3954 - Microsoft Publisher Memory Corruption Vulnerability |
| Description: A remote vulnerability in Publisher could cause memory corruption, resulting in arbitrary code execution. |
| CVE-2010-3955 - Array Indexing Memory Corruption Vulnerability |
| Description: A remote vulnerability in Publisher could cause an integer overflow, resulting in arbitrary code execution. |
| MS10-104 – Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005) |
Severity: Important
Affected Software
- Microsoft SharePoint Portal Server 2001
- Microsoft SharePoint Portal Server 2003
- Microsoft Windows SharePoint Services 2.0
- Microsoft Windows SharePoint Services 3.0
- SharePoint Foundation 2010
- Microsoft SharePoint Server 2010
- Microsoft Groove 2007
- Microsoft SharePoint Workspace
|
| CVE-2010-3964 - Malformed Request Code Execution Vulnerability |
| Description: A remote code execution vulnerability exists in the way that the Document Conversions Launcher Service validates SOAP requests before processing on a SharePoint server. |
| MS10-105 – Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095) |
Severity: Important
Affected Software
- Microsoft Office XP
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2010
- Microsoft Office Converter Pack
- Microsoft Works 9
|
| CVE-2010-3945 - Embedded OpenType Font Integer Overflow Vulnerability |
| Description: A vulnerability in the .CGM image converter included in Office could cause a heap overflow, resulting in arbitrary code execution. |
| CVE-2010-3946 - PICT Image Converter Integer Overflow Vulnerability |
| Description: A bug in the PICT graphics converter in Microsoft Office could cause an integer overflow, resulting in arbitrary code execution. |
| CVE-2010-3947 - TIFF Image Converter Heap Overflow Vulnerability |
| Description: A vulnerability in the TIFFIM32.FLT filter that ships in Office XP could cause a heap overflow, resulting in arbitrary code execution. |
| CVE-2010-3949 - TIFF Image Converter Buffer Overflow Vulnerability |
| Description: A vulnerability exists in the TIFFIM32.FLT filter that ships in Office XP could cause a buffer overflow, resulting in arbitrary code execution. |
| CVE-2010-3950 - TIFF Image Converter Memory Corruption Vulnerability |
| Description: A vulnerability in the Microsoft Office Document Imaging tool could cause a memory corruption, resulting in arbitrary code execution. |
| CVE-2010-3951 - FlashPix Image Converter Buffer Overflow Vulnerability |
| Description: A vulnerability in the FlashPix Graphics Filter could cause a buffer overflow, resulting in arbitrary code execution. |
| CVE-2010-3952 - FlashPix Image Converter Heap Corruption Vulnerability |
| Description: A vulnerability in the FlashPix Graphics Filter could cause heap corruption, resulting in arbitrary code execution. |
About Zscaler
Through a multi-tenant, globally-deployed infrastructure, Zscaler enforces business policy, mitigates risk, and provides twice the functionality at a fraction of the cost of current solutions. It enables organizations to provide the right access to the right users, from any place and on any device, while empowering the end-user with a rich Internet experience. For more information, visit us at www.zscaler.com. |
Press Contacts:
Paula Dunne
Office: +1-408-776-1400, Mobile: +1-408-893-8750
Paula.Dunne@zscaler.com |
| Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners. |
| Related Links: |
|
| |
The Cloud Security Company™
