May’s Patch Tuesday

After a busy April patch month, May’s Patch Tuesday is much quieter, with two updates released by Microsoft. Both are rated critical, but read the details below to see how your environment may or may not be affected.

Microsoft Updates


ID: MS10-030
Title: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution
Microsoft Severity: Critical

Summary: A vulnerability exists in Outlook Express and Windows Mail caused by insufficient validation of network data before the data is used to calculate the necessary size of a buffer. An attacker can exploit the vulnerability by tricking a user into initiating a connection to a malicious POP or IMAP server.

Praetorian’s Recommendation: The critical severity is due to the potential for remote code execution; however, there are a few key points that mitigate the severity. First, the mail clients affected are Outlook Express and Windows Mail; Office Outlook is not affected. Second, the client must initiate a connection to a malicious server. In a corporate or enterprise environment, the egress points should restrict outbound POP and IMAP, or the desktop environment should restrict the server settings from being modified.
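
One way to verify the egress restriction described above is to audit firewall logs for allowed POP or IMAP connections to servers outside the approved list. This is an added example, not part of the original post; the log format, address ranges and approved server list are assumptions, the sample log lines are constructed, and the TLS-wrapped ports (993, 995) go beyond the plain POP and IMAP the post names.

```python
import ipaddress

# POP and IMAP ports, plus their TLS-wrapped variants (added generalization).
MAIL_PORTS = {110: "POP3", 143: "IMAP", 993: "IMAPS", 995: "POP3S"}
# Assumptions: internal address space and the sanctioned mail server list.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
APPROVED_MAIL_SERVERS = [ipaddress.ip_network("192.0.2.10/32")]

# Constructed sample log, format: timestamp src dst dport action
SAMPLE_LOG = """\
2010-05-11T09:14:02 10.1.4.23 192.0.2.10 143 ALLOW
2010-05-11T09:15:40 10.1.4.57 203.0.113.80 110 ALLOW
2010-05-11T09:16:11 10.1.7.12 198.51.100.5 995 DENY
2010-05-11T09:17:29 10.1.4.57 203.0.113.80 443 ALLOW
2010-05-11T09:18:03 10.1.9.88 198.51.100.77 993 ALLOW
truncated line
"""

def in_any(addr, nets):
    return any(addr in net for net in nets)

def find_unsanctioned_mail_egress(log_text):
    """Return allowed POP/IMAP connections from internal clients to
    external servers that are not on the approved list."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed records instead of failing the audit
        ts, src, dst, dport, action = fields
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            continue
        if action != "ALLOW" or port not in MAIL_PORTS:
            continue
        if not in_any(src_ip, INTERNAL_NETS) or in_any(dst_ip, INTERNAL_NETS):
            continue  # only internal-to-external flows matter at the egress
        if in_any(dst_ip, APPROVED_MAIL_SERVERS):
            continue
        findings.append({"time": ts, "src": src, "dst": dst,
                         "service": MAIL_PORTS[port]})
    return findings

if __name__ == "__main__":
    for f in find_unsanctioned_mail_egress(SAMPLE_LOG):
        print("{time} {src} -> {dst} ({service}) allowed".format(**f))
```

Any finding means a desktop was able to reach an unapproved POP or IMAP server, so the egress rule set does not yet enforce the restriction.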


ID: MS10-031
Title: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution
Microsoft Severity: Critical

Summary: A vulnerability exists in Visual Basic for Applications which can lead to remote code execution. An attacker can create a malicious Office file (Word, Excel) which exploits the VBA vulnerability.

Praetorian’s Recommendation: A user would need to open a malicious file to be exploited; therefore, continued emphasis on user training on handling email attachments and web content is necessary. Prepare this update for your next MS Office patch cycle.

