It's Microsoft Patch Tuesday: May 2010 Version 1.

0
May 11, 2010

By Justin James

For the second month in a row, the out-of-band patches were kept to a minimum, other than a pile of
updates to the Best Practices Analyzer for Windows Server 2008 R2. Nicely enough, the number of
security patches is quite low this time around, only two of them.
The previous month's Microsoft Patch Tuesday blog entries are also available.

Security patches
MS10-030/KB978542 – Critical (XP, 7, 2003, 3008, 2008 R2, Outlook Express 5.5 and 6.0 for
2000): Outlook Express, Windows Mail, and Windows Live Mail have a vulnerability which can lead to a
remote code execution attack, executed by a remote email server. Microsoft rates this as "critical" but I
believe that very few business users are using these applications, and I feel that it is extremely unlikely
that a remote email server would be compromised like this. For these reasons, I believe that this patch
can wait until your next scheduled patch day unless you use one of these email applications on a regular
basis. 1.1MB – 4.7MB
MS10-031/KB978213 – Critical (Office XP, Office 2003, Office 2007): A problem with the VBA
runtime can allow for an attacker to use a specially crafted document to perform remote code execution
attacks. This affects Office as well as any other application which uses VBA. It is unclear if the attacks are
mitigated in Office by forbidding Office from running macros. You should install this patch immediately.
1.3MB – 2.7MB

Other updates
None.
"The Usual Suspects": Updates to the Malicious Software Removal Tool (10.1MB – 12.7MB) and Junk Email
filters (2.2MB).
Changed, but not significantly:
None.

Updates since the last Patch Tuesday

There have been a number of minor items added and updated since the last Patch Tuesday:
System Update Readiness Tool for Vista, 7, 2008, and 2008 R2 (KB947821) 18.2MB – 122.6MB
BitLocker update for 7 and 2008 R2 (KB975496) 138KB – 241KB
Browser Choice Screen Update (KB976002) 103KB – 745KB
Update for SD cards larger than 32 GB (KB976422) 90KB – 167KB
Best Practices Analyzer Updates for 2008 R2 x64:
o DHCP Server (KB977236) 178KB
o Hyper-V (KB977238) 168KB

Page 1
Copyright ©2010 CBS Interactive. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/
It's Microsoft Patch Tuesday: May 2010

o Network Policy and Access Services (KB977239) 191KB

o Remote desktop Services (KB979734) 178KB
o Active Directory Domain Services (KB980360) 276KB
o File Services (KB981111) 243KB
o Windows Server Update Services (KB981390) 94KB
o Active Directory Rights Management Services (KB981391) 83KB
o Application Server (KB981392) 76KB
Update to remove Windows File Protection from fonts so Office 2010 can install (KB980248)
30.0MB
Stability and Reliability Update for 7 and 2008 R2 (KB980408) 5.5MB – 19.7MB
Changed, but not significantly:
Security Update for MS10-019 (KB978601/KB979309)
Security Update for MS10-025 (KB980858)

Page 2
Copyright ©2010 CBS Interactive. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/
It's Microsoft Patch Tuesday: May 2010

Additional resources
TechRepublic's Downloads RSS Feed
Sign up for TechRepublic's Downloads Weekly Update newsletter
Check out all of TechRepublic's free newsletters

Version history
Version: 1.0
Published: May 11, 2010

Tell us what you think

TechRepublic downloads are designed to help you get your job done as painlessly and effectively as possible.
Because we're continually looking for ways to improve the usefulness of these tools, we need your feedback.
Please take a minute to drop us a line and tell us how well this download worked for you and offer your
suggestions for improvement.

Thanks!

—The TechRepublic Downloads Team

Page 3
Copyright ©2010 CBS Interactive. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/