windows crashed



'Help with my PC' is designed to give you free advice on using your PC
With years of experience in giving advice to both Novices and Experts
you should find what you need in a language you can understand.
   
configure email
Google
 
Web www.helpwithmypc.info
xp errors

  
Home Page
Free PC Diagnostics
Windows 7
Outlook Express
IT News
Broadband News
Virus News
XP Tweaks
WIFI Security
Free Software
Pop Ups
Parental Control
Troubleshoot
Spam
Sitemaps
Windows Boot Errors
Word Crashes
Word Tutorials
Backup Files
Secure your PC
Link to us
Glossery
GoogleDance
Links
Your Questions
Disclaimer
bios beeps






 
outlook express parental control
11 Windows Patches, 5 Rated Critical
Severity: High
9 February, 2010
 
Summary:
§ These vulnerabilities affect: All current versions of Windows and components that ship with it
§ How an attacker exploits them: Multiple vectors of attack, including sending specially crafted network packets, or enticing your users to open malicious media
§ Impact: Various results; in the worst case, an attacker can gain complete control of your Windows computer
§ What to do: Install the appropriate Microsoft patches immediately, or let Windows Automatic Update do it for you.
 
Exposure:
Today, Microsoft released eleven security bulletins describing over 19 vulnerabilities that affect Windows and components that ship with it. Each vulnerability affects different versions of Windows to varying degrees. However, a remote attacker could exploit the worst of these flaws to gain complete control of your Windows PC. The summary below lists the vulnerabilities, in order from highest to lowest severity.
 
§ MS10-006: SMB Client Code Execution Vulnerabilities
Microsoft Server Message Block (SMB) is the protocol Windows uses for file and print sharing. According to Microsoft, the Windows SMB client suffers from two code execution vulnerabilities. Though the flaws differ technically, an attacker could exploit both in the same way.  By enticing one of your users to connect to a malicious SMB server, an attacker can exploit either flaw to gain complete control of a vulnerable Windows computer.
Microsoft rating: Critical.
 
§ MS10-007: Shell Handler Code Execution Vulnerability
Windows ships with the Windows Shellapplication programming interface (API), which allows other programs to perform certain Shell operations (such as execute a program). Unfortunately, one of the Shell API's functions (ShellExecute) doesn't properly validate data. Attackers can leverage this flaw to execute code. More specifically, by enticing one of your users to a specially crafted web page, an attacker can force Windows to invoke this insecure API function and execute arbitrary code on that user's computer. If your user has administrative privileges, the attacker would gain complete control of that user's PC.
Microsoft rating: Critical.
 
§ MS10-008: Cumulative ActiveX Kill Bit Update
Microsoft and external researchers have identified several Microsoft and third party ActiveX controls that suffer various security vulnerabilities. By enticing one of your users to a malicious website, an attacker could exploit any of these ActiveX controls to execute code on your user's computer, with that user's privileges. Like most Windows vulnerabilities, if your user has administrative privileges, the attacker would gain complete control of the user's PC. This update sets the Kill Bit for all the vulnerable ActiveX controls, thereby disabling them in Windows.
Microsoft rating: Critical. 
 
§ MS10-009: Multiple Windows TCP/IP Stack Vulnerabilities
The TCP/IP stack that ships with Windows Vista and Server 2008 suffers from three code execution vulnerabilities and a Denial of Service (DoS) vulnerability. In all cases, an attacker exploits these flaws by sending specially crafted TCP/IP packets to your Windows computers. The three code execution flaws obviously pose the greatest threat. However, mitigating circumstances significantly lessen their real-world risk. For instance, two of the flaws require you use IPv6 networking (which few do) and the third only affects users that have installed a custom network driver. That said, if an attacker can exploit any of these three vulnerabilities, he will gain complete control of your Windows machines. On the other hand, attackers can easily exploit the fourth vulnerability, simply by sending a few specially crafted packets. However, the attacker could only exploit this flaw to crash or reboot your Windows computer.
Microsoft rating: Critical.
 
§ MS10-013: DirectShow Heap Buffer Overflow Vulnerability
DirectShow is one of the DirectX components Windows uses to display graphics and media. DirectShow suffers from a heap buffer overflow vulnerability involving its inability to handle specially malformed AVI video files. By enticing one of your users to download and view a malicious video, or to visit a website with an embedded video, an attacker can exploit this flaw to execute code on that user's computer, with that user's privileges. If your user has administrative privileges, the attacker gains complete control of that user's PC.
Microsoft rating: Critical.
 
§ MS10-010: Windows Server 2008 x64 Hyper-V DoS Vulnerability
Hyper-V is the hypervisor-based technology that provides a virtualization platform for Windows Server 2008 and Server 2008 R2. Unfortunately, Hyper-V suffers from a DoS vulnerability involving the way it parses specially encoded machine instructions inside a guest virtual machine. By running a special program within a guest virtual machine, an attacker could exploit this flaw to lockup Hyper-V, causing all virtual machines to become non-responsive. However, in order to exploit this flaw, the attacker would first have to gain access to a guest virtual machine. This flaw only affects the x64 versions of Windows Server 2008.
Microsoft rating: Important. 
 
§ MS10-011: CSRSS Local Elevation of Privilege Vulnerability
The Client/Server Run-time SubSystem (CSRSS) is an essential Windows component responsible for console windows and creating and deleting threads. It does not properly terminate user processes when users log out. By running a specially crafted program, an attacker could leverage this flaw to elevate privileges, gaining complete control of a Windows computer. However, the attacker would first need to gain local access to a Windows computer using valid credentials (Guest access would work) in order to exploit this flaw.
Microsoft rating: Critical.
 
§ MS10-012: Various SMB Server Vulnerabilities
As mentioned earlier, the Server Message Block (SMB) is the protocol Windows uses for file and print sharing. By default, Windows computers run the SMB Server service. Unfortunately, the SMB Server service suffers from four vulnerabilities: a Code Execution flaw, two DoS vulnerabilities, and an elevation of privileges vulnerability. Attackers could exploit all four flaws the same way - by sending specially crafted SMB packets to a vulnerable PC. However, the scope of each flaw differs significantly. For instance, the Code Execution vulnerability sounds bad, but an attacker can only exploit if he first authenticates using valid user credentials. The two DoS vulnerabilities only allow an attacker to lockup the vulnerable system. Finally, an attacker could only exploit the elevation of privilege flaw to access an SMB share without authenticating; he couldn't exploit it to execute code.
Microsoft rating: Important. 
 
§ MS10-014: Kerberos DoS Vulnerabilities
Kerberos is one of the authentication protocols the server versions of Windows use. It suffers from a DoS vulnerability having to do with its inability to handle specially crafted ticket renewal requests. By sending a malicious ticket renewal request, an already authenticated attacker could exploit this flaw to lockup the vulnerable Windows server. However, the need for valid kerberos credentials significantly mitigates the risk of this flaw. 
Microsoft rating: Important.
 
§ MS10-015: Windows Kernel Elevation of Privilege Vulnerabilities
The kernel is core component of any computer operating system. The Windows kernel suffers from two elevation of privilege vulnerabilities. By running a specially crafted program, an attacker could leverage either of these flaws to gain complete control of your Windows computers. However, the attacker would first need to gain local access to your Windows computers using valid credentials. This factor significantly reduces the risk of these flaws.
Microsoft rating: Important
 
§ MS10-005: Microsoft Paint Integer Overflow Vulnerability
Microsoft Paint is a basic painting application that ships with Windows. It suffers from an integer overflow vulnerability due to a flaw in the way it decodes JPEG images. If an attacker can convince one of your users to view a malicious JPEG image, specifically using the MS Paint program, the flaw can be exploited to execute code on that user's computer, with that user's privileges. Of course, if your user has local administrative privileges, the attacker gains total control of their computer.
Microsoft rating: Moderate.








Links:

UK Historical Gardens
 
Check Domain Names
 
UK Football News
 
Christian Resources
 
Entertainment News