Microsoft Releases March Security Bulletin

Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for March 2010. These vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

SANS 2009

More than 35 courses, SANS top instructors, all in one great place! SANS 2009 is being held in Orlando, FL on March 2-9. Register today!

http://www.sans.org/info/35964/

TA10-068A: Microsoft Updates for Multiple Vulnerabilities

Microsoft Updates for Multiple Vulnerabilities

http://www.us-cert.gov/cas/techalerts/TA10-068A.html

VU#744549: Microsoft Internet Explorer iepeers.dll use-after-free vulnerability

Microsoft Internet Explorer contains a use-after-free vulnerability in the iepeers.dll file,which may allow a remote,unauthenticated attacker to execute arbitrary code.

http://www.kb.cert.org/vuls/id/744549

Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 3/9/2010

Revision Note: V1.0 (March 9, 2010): Advisory published. Advisory Summary:Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7. Our investigation has shown that the latest version of the browser, Internet Explorer 8, is not affected. The main impact of the vulnerability is remote code execution. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

http://www.microsoft.com/technet/security/advisory/981374.mspx