ADVANCE NOTIFICATION - April 2010 Microsoft Security Bulletin Release

[Dr.Melzer 191]

Microsoft hat in seiner Security Bulletin Advance Notification für April 2010 11 neue Security Bulletins angekündigt (siehe unten aufgeführt nach Schweregrad und Sicherheitsauswirkung). Die neuen Sicherheitsupdates werden am 13.04.10 veröffentlicht.

 

Deutsche Infos findet Ihr demnächst unter: Security Bulletin-Suche - Microsoft Deutschland GmbH.

 

Weitere allgemeine Informationen zu den Microsoft Security Bulletin Advance Notifications findet Ihr hier: Microsoft Security Bulletin Advance Notification

[Dr.Melzer 191]

What is the purpose of this alert?

 

As part of the monthly security bulletin release cycle, Microsoft provides advance notification to our customers concerning the number of new security updates being released, the products affected, the aggregate maximum severity, and information about detection tools relevant to the update. This is intended to help our customers plan for the deployment of these security updates more effectively.

 

On April 13, 2010, Microsoft is planning to release 11 new security bulletins. Below is a summary.

 

NEW BULLETIN SUMMARY

 

Bulletin ID Maximum Severity Rating Vulnerability Impact Restart Requirement Affected Software*

Bulletin 1 Critical Remote Code Execution Requires restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Bulletin 2 Critical Remote Code Execution Requires restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Bulletin 3 Critical Remote Code Execution Requires restart Microsoft Windows 2000

Bulletin 4 Critical Remote Code Execution May require restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Bulletin 5 Critical Remote Code Execution May require restart Microsoft Windows 2000 and Windows XP.

Bulletin 6 Important Elevation of Privilege Requires restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Bulletin 7 Important Remote Code Execution May require restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Bulletin 8 Important Remote Code Execution May require restart Microsoft Office

Bulletin 9 Important Denial of Service Requires restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Microsoft Exchange 2000 Server Service Pack 3, Microsoft Exchange Server 2003 Service Pack 2, Microsoft Exchange Server 2007, and Microsoft Exchange Server 2010.

Bulletin 10 Important Remote Code Execution May require restart Microsoft Office

Bulletin 11 Moderate Spoofing Requires restart Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

* The list of affected software in the summary table is an abstract. To see the full list of affected components

please click on the "Advance Notification Web Page" link below and review the "Affected Software" section.

 

Although we do not anticipate any changes, the number of bulletins, products affected, restart information, and severities are subject to change until released.

 

Advance Notification Web Page: The full version of the Microsoft Security Bulletin Advance Notification for this month can be found at Microsoft Security Bulletin Advance Notification for April 2010.

 

Microsoft Windows Malicious Software Removal Tool: Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

 

Monthly Security Bulletin Webcast: To address customer questions on these bulletins Microsoft will host a Webcast next Wednesday, at 11:00 A.M. Pacific Time (U.S. and Canada). Registration for this event and other details can be found at Microsoft Security Bulletin Summaries and Webcasts.

 

At this time, no additional information on these bulletins, such as details regarding the vulnerability or severity, will be made available until the bulletins are published on Tuesday.

[Dr.Melzer 191]

REGARDING INFORMATION CONSISTENCY

 

We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative.

 

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

 

Thank you,

Microsoft CSS Security Team