NeXpose Release December 15, 2010 (Content)

Document created by techeditor on Apr 7, 2011Last modified by techeditor on Nov 1, 2011
Version 2Show Document
  • View in full screen mode

This release is a content update.

 

  • Content updates include new checks for vulnerabilities, patch verification, and compliance with security policies.
  • Product updates include performance improvements, bug fixes, and new features.

 

Vulnerability checks for December 2010 Patch Tuesday exposures


  • New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for December 2010. These include checks for a critical Microsoft Internet Explorer vulnerability (see MS10-090) and a critical OpenType Font (OTF) Driver vulnerability (see MS10-091). Both of these vulnerabilities could allow remote code execution if exploited. Use these checks to verify that the latest Microsoft patches have been applied to system assets.

 

List of checks


  • Microsoft SQL Server 2008 Service Pack 2 (KB2285068)
  • MS10-090: Cumulative Security Update for Internet Explorer
  • MS10-091: Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution
  • MS10-092: Vulnerability in Task Scheduler Could Allow Elevation of Privilege
  • MS10-093: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution
  • MS10-094: Vulnerability in Windows Media Encoder Could Allow Remote Code Execution
  • MS10-095: Vulnerability in Microsoft Windows Could Allow Remote Code Execution
  • MS10-096: Vulnerability in Windows Address Book Could Allow Remote Code Execution
  • MS10-097: Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution
  • MS10-098: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
  • MS10-099: Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege
  • MS10-100: Vulnerability in Consent User Interface Could Allow Elevation of Privilege
  • MS10-101: Vulnerability in Windows Netlogon Service Could Allow Denial of Service
  • MS10-103: Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution
  • MS10-105: Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution

Attachments

    Outcomes