Professional Documents
Culture Documents
0
May 11, 2010
By Justin James
For the second month in a row, the out-of-band patches were kept to a minimum, other than a pile of
updates to the Best Practices Analyzer for Windows Server 2008 R2. Nicely enough, the number of
security patches is quite low this time around, only two of them.
The previous month's Microsoft Patch Tuesday blog entries are also available.
Security patches
MS10-030/KB978542 – Critical (XP, 7, 2003, 3008, 2008 R2, Outlook Express 5.5 and 6.0 for
2000): Outlook Express, Windows Mail, and Windows Live Mail have a vulnerability which can lead to a
remote code execution attack, executed by a remote email server. Microsoft rates this as "critical" but I
believe that very few business users are using these applications, and I feel that it is extremely unlikely
that a remote email server would be compromised like this. For these reasons, I believe that this patch
can wait until your next scheduled patch day unless you use one of these email applications on a regular
basis. 1.1MB – 4.7MB
MS10-031/KB978213 – Critical (Office XP, Office 2003, Office 2007): A problem with the VBA
runtime can allow for an attacker to use a specially crafted document to perform remote code execution
attacks. This affects Office as well as any other application which uses VBA. It is unclear if the attacks are
mitigated in Office by forbidding Office from running macros. You should install this patch immediately.
1.3MB – 2.7MB
Other updates
None.
"The Usual Suspects": Updates to the Malicious Software Removal Tool (10.1MB – 12.7MB) and Junk Email
filters (2.2MB).
Changed, but not significantly:
None.
Page 1
Copyright ©2010 CBS Interactive. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/
It's Microsoft Patch Tuesday: May 2010
Page 2
Copyright ©2010 CBS Interactive. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/
It's Microsoft Patch Tuesday: May 2010
Additional resources
TechRepublic's Downloads RSS Feed
Sign up for TechRepublic's Downloads Weekly Update newsletter
Check out all of TechRepublic's free newsletters
Version history
Version: 1.0
Published: May 11, 2010
Thanks!
Page 3
Copyright ©2010 CBS Interactive. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/