Hey Admins…. It’s that time again. The second Tuesday is upon us and May so far hasn’t been demanding as far as patching goes.
MS10-030 resolves an integer overflow in POP3 & IMAP mail responses to Outlook Express and Windows Mail…. MS10-031 addresses a stack memory corruption related to the way that “Visual Basic for Applications” searches for ActiveX components, when host applications provide specially crafted files to the Visual Basic runtime.
Adobe and Apple haven’t issued any security updates in May yet.
Apple’s last security update was on April 15th when they issued Security Update 2010-003 for OSX 10.5 and 10.6. ( 2010-003 addressed an issue with handling embedded fonts that could result in RCE )( see CVE-2010-1120 for more details )
Adobe’s last update was APSB10-10 on April 30th. APSB10-10 resolves issues in Photoshop CS4 (v11.0.0 ) for both Mac and Windows variants. Issues with Photoshop’s handling of specially crafted .TIFF files could lead to remote code execution ( see CVE-2010-1279 for more details ).
You can find more information on this month’s Microsoft Advisories and Bulletins at the SophosLabs vulnerability analysis page.
If you’ve found our vulnerability posts to be valuable, or have some suggestions for how we can better serve you, please let us know at firstname.lastname@example.org