Microsoft Patch Tuesday for April 2010: 11 bulletins addressing 25 vulnerabilities

According to the Microsoft Security Response Center, Microsoft will issue 11 Security Bulletins addressing 25 vulnerabilities on Tuesday. It will also host a webcast to address customer questions about the bulletins the following day (April 14 at 11:00 am PST, if you're interested).

Five of the vulnerabilities are rated "Critical," five are marked "Important," and the last one is classified as "Moderate." All of the Critical vulnerabilities earned their rating through a remote code execution impact, meaning a hacker could potentially gain control of an infected machine. At least 7 of the 11 patches will require a restart.

Compared to last month's quiet Patch Tuesday, this one is quite a whopper. The exact breakdown of the bulletins is as follows:

Bulletin 1: Critical (Remote Code Execution), Windows
Bulletin 2: Critical (Remote Code Execution), Windows
Bulletin 3: Critical (Remote Code Execution), Windows
Bulletin 4: Critical (Remote Code Execution), Windows
Bulletin 5: Critical (Remote Code Execution), Windows
Bulletin 6: Important (Elevation of Privilege), Windows
Bulletin 7: Important (Remote Code Execution), Windows
Bulletin 8: Important (Remote Code Execution), Office
Bulletin 9: Important (Denial of Service), Windows, Exchange
Bulletin 10: Important (Remote Code Execution), Office
Bulletin 11: Moderate (Spoofing), Denial of Service

http://arstechnica.com/microsoft/news/2010/04/microsoft-patch-tuesday-for-april-2010-11-bulletins.ars

No, wait...that was "88 Lines About 44 Women." Never mind.

=====

Deborah was a Catholic girl,
she held out to the bitter end.
Carla was a different type,
she's the one who put it in.
Mary was a black girl,
and I was afraid of a girl like that.
Susan painted pictures sitting down
like the Buddhists sat.

Reno was an aimless girl,
a geographic memory.
Cathy was a Jesus-freak,
she liked that kind of misery.
Vicky had this special way
of turning sex into a song.
Camella couldn't sing,
kept the beat and kept it strong.

Xylla was an archetype,
the voodoo queen the queen of rap.
Joan thought men were second best
to masturbating in the bath.
Sherri was a feminist,
she really had that gift of gab.
Kathleen's point of view was this:
take whatever you can grab.

Seattle was another girl
who left her mark upon the map.
Karen liked to tie me up,
and left me hanging by a strap.
Jeannie had this nightclub walk
that made grown men feel underage.
Mary Ellen who had a son
said "I must go," but finally stayed.

Gloria the last taboo
was shattered by her tongue one night.
Mimi brought the taboo back
and held it up before the light.
Marilyn who knew no shame,
was never ever satisfied.
Julie came and went so fast,
she didn't even say good-bye.

Well Rhonda had a house in Venice,
lived on brown rice and cocaine.
Patty had a house in Houston,
shot cough syrup in her veins.
Linda thought her life was empty,
filled it up with alcohol.
Katherine was much too pretty,
she didn't do that shit at all.

Uh-uh. Not Katherine.

Pauline thought that love was simple,
turn it on and turn it off.
Jean-Marie was complicated,
like some French film-maker's plot.
Gina was the perfect lady,
always kept her stockings straight.
Jackie was a rich punk-rocker,
silver spoon and a paper plate.

Sarah was a modern dancer,
lean pristine transparency.
Janet wrote bad poetry
in a crazy kind of urgency.
Tanya Turkish liked to fuck
while wearing leather biker boots.
Brenda's strange obsession
was for certain vegetables and fruits.

Roeena was an artist's daughter,
the deeper image shook her up.
Dee-dee's mother left her father,
took his money and his truck.
Debbie-Rae had no such problems,
perfect Norman Rockwell home.
Nina sixteen had a baby,
left her parents lived alone.
Bobbie joined a new-wave band,
and changed her name to Bobbie-sox.
Eloise who played guitar,
sang songs about whales and cops.
Terri didn't give a shit,
just a nihilist.
Ronnie was much more my style,
she wrote songs just like this.
Jezebel went forty days
drinking nothing but Perrier.
Dinah drove her Chevrolet
into the San Francisco bay.
Judy came from Ohio,
she's a Scientologist.
Pomerante here's a kiss,
I chose you to end this list.

- The Nails.

trumps all things micro$haft

and your date secure.

I wonder if anybody has ever tried to calculate how many trillions(?) of dollars M$ has cost the economy because of their inferior tech and obscene business model?

We just applied a major patch to our $87 million Oracle server.

Not patching software is the equivalent of putting you head in the sand and pretending you are safe.

While patches are common, it was only with adoption of M$'s incompetence in development and their scheme to have customers pay them for the privilege of beta testing that this has become SOP and therefore accepted as the way it is.

You know what? I'll bet that tank is still in the garage somewhere and I bet it still works.

That's scary. You do know that vulnerabilities are found in ALL operating systems, right?

No, nothing is perfect, however the UNIXesque kernel and security rules make it impractical to bother to, and ineffective if you did, write the types of viruses that are rampant.

Browsers are the biggest vulnerability (after human stupidity of course) to any system today and guess who it is that is responsible for that?

(#1 being that I claimed there was a "Linux virus in the wild", #2 being that I'm a "Microserf")

... I'm glad that you can at least admit that every OS has flaws, and should be updated.

Oh, and as far as browsers being the biggest vulnerability, that's true - but did Microsoft invent the web browser?

to make their crime 'permanent', and eventually paid a tiny handful of pocket change to buy off the government and avoid what the Sherman Act dictates as penalty for their behavior. They then proceeded to make it more vulnerable, less functional, and adamantly refused to follow any of the protocols developed to limit the damages this new technology might create. The M$ strategy to make everything proprietary, despite their innate incompetence, is similar to Wall Street's. Every day, they make everything worse for everybody else, while stealing as much as they can get their hands on.

Like so many other issues we can name, we are the only nation on earth that tolerates rewards this kind of anti-social criminality. M$ has lost suit after suit after suit in nation after nation, except here where they can buy 'justice' while imposing their crapware through their effective monopoly.

BTW - "The M$ strategy to make everything proprietary"?

Let me know when you can buy (or build, for that matter) a computer of your choice and install a copy of OS X on it. Legally and supported by Apple, of course. Don't be fooled that any huge corporation truly has your interests in mind.

and unlawful business practices interpreted as trusting huge corporations?:crazy:

And what is it with this "Oh well, that crime was committed in the past and we have to pretend it's all OK now" attitude? This company has pushed software development down one dead-end after another, and we have all paid an exorbitant price just to make a few billionaires.

I went to their website, but I haven't a clue. Is this Windows 7? Windows Vista? Windows XP? All or some of them? Some days I just want to throttle Microsoft. :shrug:

But, thanks for the heads up, regardless.

Kidding.




You can't borrow my Mac.

:evilgrin:

http://www.microsoft.com/technet/security/bulletin/ms10-apr.mspx

Click affected software.
Looks like all apply to older windows (2000 & XP) some apply to Windows 7.

I guess I know what I'll be doing Tuesday. Crap.

Never mind the crashing.

.

ME was the equivalent of slapping a Mercedes badge on a Yugo, making tens of billion$ selling them, and when they all started falling to pieces on the road, being allowed to simply require their customers to buy the new Dodge with a Mercedes label at full price.

They literally put out a wholly defective product and were richly rewarded for it.

If you want a laugh Google "If GM developed technology like Micro$oft" and read the press release.

Not again.

Can't they do ANYTHING right?

I just hope it doesn't fuck up 7 - last time it updated, turned my 7 to non-genuine.

What a pain.

Everyone knows only Microsoft patches its software.


See also:

Oracle January 2010 Critical Patch Update Released
http://blogs.oracle.com/security/2010/01/january_2010_critical_patch_up.html

Oracle April 2010 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/39333

Bug exposes flaw in eight years of Linux kernel
http://www.theregister.co.uk/2009/08/14/critical_linux_bug/

Serious Flaws Discovered In Linux
http://netsecurity.about.com/cs/linuxsecurity/a/aa022304.htm

Critical Flaw in OS X
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1167872,00.html

Mac OS X users still vulnerable to Java security flaw (6 months after vulnerability announced)
http://gizmodo.com/5263130/mac-os-x-vulnerable-to-critical-java-flaw-windows-users-snide-remarks

Funny, that.

Anyway, Microsoft implied that this sort of thing was over with Windows 7.

Not so much.

I really hate blinder-wearing fanbois of ANY operating system.

The 99.9% would still be applicable to the windows machines.

ANY computer that connects to the outside world is vulnerable. Hardly anybody is writing crap to attack Macs but when someone does-look out. At least Windows users know something about applying countermeasures.

I also refuse to use the two biggest security holes on a Windows machine, Internet ExploDer and Outhouse Distress-that eliminates 99% of the problems right there.

Still waiting.

And the Mac fanbois have been saying for decades now that they'll takeover the market.

Still waiting on that, too.

Please reference that claim.

Apple's marketshare is climbing, but it will never be where it was in the beginning.

And that's just fine with me. I am happy that Apple is the most profitable consumer electronics company out there (it enables them to build the best stuff), but I have no desire to see them 'takeover the market.' Then they would take their product's quality for granted and make crap and more crap.

I like things just the way they are.

Creating a loyal cult of worshiping fanbois who will overpay for anything. (Present company most certainly NOT excepted.) But for decades their supposedly superior products have had one fatal flaw: they're overpriced. And that keeps them from ever becoming the dominant player.

Me? I'm no slave to any platform. I'll use Wintel in places where it's appropriate, Linux in others, commercial UNIX in yet others, and yes, I even have... wait for it... an iPhone! I get plenty of laughs from all of you - from the devoted Jobs followers to the Windows borg collective, because you're all SO DAMN SURE that your preferred technology is the BEST goddammit and no one else is gonna tell you that maybe once in a while those lemons might be a little sour! :rofl:

About 5 minutes ago.

Last Patch Tuesday Microsoft released patches for XP. So when I applied the patches on my workstation, one of them broke the sharing capability of Excel 2007 spreadsheets on our network shared drives. I notified our IT people and they found a workaround. Then THEY opened a ticket with MS. Our people told me that one of the patches being released this Tuesday supposedly fixes that (I hope).

And no, I won't tell you where I work.

One day my home PC will get infected, or stop working, or work badly, or something. I know this because I read it on the internet.

One day I'll be forced to switch operating systems to one that isn't infected, or not working, or working badly... much like the one I currently use.

Coke vs. Pepsi II. Return of the Cola Wars.





But then again, I was also told that Y2K would cause and end to the world as we know it.