Security

The release of a security update for Firefox 3.6.9 addresses multiple vulnerabilities that could lead to application crash, cross site scripting attack and remote code execution.

The release of a security update for Firefox 3.6.9 addresses multiple vulnerabilities that could lead to application crash, cross site scripting attack and remote code execution.

Adobe has released security updates for Adobe Reader and Acrobat to resolve two vulnerabilities that could lead to application crash and arbitrary code execution.

A security update for QuickTime 7.6.7 has been released to address a vulnerability in the Windows version of the application, which could lead to application crash or code execution. 

Adobe has released a security update for Flash Player 10.1.82.76 to resolves multiple vulnerabilities reported in the prior version.

Three vulnerabilities reported in Microsoft Windows Kernel could separately lead to escalation of privilege and denial of service attack.

Four reported vulnerabilities in Windows kernel-mode drivers could lead to escalation of privilege, while one other vulnerability could cause the system become unresponsive.

Two reported vulnerabilities in Microsoft Windows Secure Channel (SChannel) could lead to spoofing and remote code execution.

A vulnerability in Windows Movie Maker could lead to remote code execution.

A vulnerability in Microsoft XML Core Services 3.0 could allow a remote attacker to execute arbitrary code and take control of an affected system.

A vulnerability in Microsoft M-PEG Layer-3 audio codecs could result in an execution of arbitrary code by a remote attacker.

The latest release of Internet Explorer's cumulative security update resolves multiple vulnerabilities that could cause information disclosure and remote code execution. 

Several vulnerabilities in the Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets and requests could, if successfully exploited, allow remote code execution.

A vulnerability in Cinepak Codec could allow remote code execution if the user runs a specially crafted media file or views specially crafted streaming content.

Vulnerabilities in Microsoft Office Word can, if exploited, give an attacker the same user rights as logged-on user, potentially allowing the attacker complete control of the system. The most severe vulnerability also permits remote code execution.

A vulnerability in the way Microsoft Office Excel handles specially crafted Excel files could allow remote code execution if successfully exploited.

Vulnerabilities in TCP/IP processes can be successfully exploited to cause a Denial of Service (DoS) on the target machine, or to gain an elevation of privilege and subsequently complete control of the system.

Vulnerabilities in the Tracing Feature for Services may allow an elevation of privilege; an attacker may execute arbitrary code and essentially take complete control of the system.

Vulnerabilities in Microsoft .NET Common Language Runtime and in Microsoft Silverlight could allow remote code execution MS10-060

A vulnerability in Windows Shell could allow an attacker to execute arbitrary code and gain system access via a malicious shortcut file.