Microsoft

It's Microsoft Patch Tuesday: March 2010

Justin James gathers the information you need to make the right decision on applying Microsoft's March 2010 patches in your organization.

In late February we saw a large dump of patches out of band. Not a single one was considered a security item. I know I have said this before, but this is really unacceptable. I do not think a single systems administrator has commented on one of these blog posts with praise for out-of-band, nonsecurity patches, and I would be highly surprised if it ever happens (I know I just invited a rash of sarcastic "I love it!" comments). That being said, there are only two security items this month, both of them related to opening poisoned files.

This blog post is also available in PDF format in a free TechRepublic download.

Security patches

MS10-016/KB975561 - Important (XP, Vista, 7, Microsoft Producer 2003): Specially crafted Movie Maker files can be used to exploit Microsoft's Movie Maker and Producer 2003 applications and remotely execute code. This code is executed with the logged-in user's permissions, which makes this less of a security concern. Install this patch during your next regular patch cycle. 1.7MB - 6.1MB MS10-017/KB980150 - Important (Office XP, Office 2003, Office 2007, Office 2004 for Max, Office 2008 for Mac, Office SharePoint Server 2007, Excel Viewer, Office Compatibility Pack): A number of problems in Excel's file handling exposed it to remote code execution attacks with the user's permissions. Microsoft does not rate this as "critical," but given the prevalence of Excel and the likelihood of users opening Excel files, you will want to install it immediately. 4.9MB - 221.5MB

Other updates

KB976002: This patch adds the new "browser ballot" to existing installs of Windows for European users affected by the recent legal actions around this issue. For some reason, they released it out of band in late February and again on March's Patch Tuesday. 104KB - 745KB "The Usual Suspects": Updates to the Malicious Software Removal Tool (9.7MB - 10MB) and Junk Email filters (2.2MB).

Changed, but not significantly:

Updates since the last Patch Tuesday

No new security items were released out of band.

There have been a number of minor items added and updated since the last Patch Tuesday:

Changed, but not significantly:

Stay on top of the latest XP tips and tricks with TechRepublic's Windows XP newsletter, delivered every Thursday. Automatically sign up today!

About

Justin James is the Lead Architect for Conigent.

Editor's Picks