U.S. Flag Official website of the Department of Homeland Security

Alert (TA10-131A)

Microsoft Updates for Multiple Vulnerabilities

Original release date: May 11, 2010 | Last revised: January 24, 2013

Systems Affected

  • Microsoft Outlook Express
  • Microsoft Windows Mail
  • Microsoft Windows Live Mail
  • Microsoft Office
  • Microsoft Visual Basic for Applications
  • third-party software that uses Visual Basic for Applications

Overview

Microsoft has released updates to address vulnerabilities in Microsoft Outlook Express, Microsoft Windows Mail, Microsoft Windows Live Mail, Microsoft Office, and Microsoft Visual Basic for Applications.

Description

Microsoft has released security bulletins for multiple vulnerabilities in Microsoft Outlook Express, Microsoft Windows Mail, Microsoft Windows Live Mail, Microsoft Office, and Microsoft Visual Basic for Applications. These bulletins are described in the Microsoft Security Bulletin Summary for May 2010.

Third-party software that distributes VBE6.DLL may also be affected. If the third-party application follows the best practices for using a shared component as a side-by-side assembly, then the component will be updated by the update provided by MS10-031. Otherwise, you should contact the vendor to obtain an updated version of the application with the fixed VBE6.DLL file.

Impact

A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable application to crash.

Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for May 2010. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

References

Revisions

  • May 11, 2010: Initial release

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top