[BigFix-Announcements-Japan] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (Japanese)'
autonotify at us.ibm.com
autonotify at us.ibm.com
Thu Sep 30 02:30:35 PDT 2010
Fixlet Site - 'Patches for Windows (Japanese)'
Current Version: 383 Published: Thu, 30 Sep 2010 01:27:48 GMT
New Fixlets:
============
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 1.1 SP1 - Windows XP / Vista / 2008 (Japanese)
Severity: Important
Fixlet ID: 1007001
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow data tampering of signed XML content without being detected. In custom applications, the security impact depends on how the signed content is used in the specific application. Scenarios in which signed XML messages are transmitted over a secure channel (such as SSL) are not affected by this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP2 / 3.5 SP1 - Windows XP SP2 / Windows Server 2003 SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1007005
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP2 / 3.5 SP1 - Windows XP SP2 / Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1007006
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP2 / 3.5 SP1 - Windows XP SP3 / 2003 SP2 (Japanese)
Severity: Important
Fixlet ID: 1007007
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP2 / 3.5 SP1 - Windows XP SP3 / 2003 SP2 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1007008
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP1 / 3.5 - Windows XP SP2 / Windows Server 2003 SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1007010
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP1 / 3.5 - Windows XP SP3 / Windows Server 2003 SP2 (Japanese)
Severity: Important
Fixlet ID: 1007011
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP1 / 3.5 - Windows XP SP3 / Windows Server 2003 SP2 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1007012
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 3.5 SP1 - Windows XP SP3 / Windows Server 2003 SP2 / Windows Vista SP2 / Windows Server 2008 SP2 (Japanese)
Severity: Important
Fixlet ID: 1007013
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP1 / 3.5 - Windows XP SP2 / Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1007014
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 3.5 SP1 - Windows XP SP2 / Windows Server 2003 SP2 Windows Vista SP1/SP2 / Windows Server 2008 Gold/SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1007016
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 4.0 - Windows XP / 2003 / Vista / 2008 / 7 (Japanese)
Severity: Important
Fixlet ID: 1007017
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 4.0 - Windows XP / 2003 / Vista / 2008 / 7 /2008 R2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1007020
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications, or if an attacker succeeds in convincing a user to run a specially crafted Microsoft .NET application. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and executing the page, as could be the case in a Web hosting scenario. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 1.1 SP1 - Windows Server 2003 SP2 (Japanese)
Severity: Important
Fixlet ID: 1007021
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 1.1 SP1 - Windows Server 2003 SP2 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1007022
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP1 / 3.5 - Windows Vista SP1 / Windows Server 2008 Gold (Japanese)
Severity: Important
Fixlet ID: 1007023
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP1 / 3.5 - Windows Vista SP1 / Windows Server 2008 Gold (x64) (Japanese)
Severity: Important
Fixlet ID: 1007025
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP2 / 3.5 SP1 - Windows Vista SP1 / Windows Server 2008 Gold (Japanese)
Severity: Important
Fixlet ID: 1007027
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP2 / 3.5 SP1 - Windows Vista SP2 / Windows Server 2008 SP2 (Japanese)
Severity: Important
Fixlet ID: 1007031
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP2 / 3.5 SP1 - Windows Vista SP2 / Windows Server 2008 SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1007033
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 3.5 - Windows XP SP3 / Windows Server 2003 SP2 / Windows Vista SP2 / Windows Server 2008 SP2 (Japanese)
Severity: Important
Fixlet ID: 1007035
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 3.5 - Windows XP SP2 / Windows Server 2003 SP2 / Windows Vista SP2 / Windows Server 2008 SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1007038
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 3.5.1 - Windows 7 (Japanese)
Severity: Important
Fixlet ID: 1007039
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 3.5.1 - Windows 7 / Server 2008 R2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1007041
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure - Microsoft .NET Framework 2.0 SP2 / 3.5 SP1 - Windows Vista SP1 / Windows Server 2008 Gold (x64) (Japanese)
Severity: Important
Fixlet ID: 1007043
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS10-070.mspx
Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
More information about the BigFix-Announcements-Japan
mailing list