Unit 2 Assignment 2

1. 2401593 CVE-2010-3213: Vulnerability in outlook Web access could allow elevation of privilege. Microsoft Server Exchange 2003 and 2007 2264072 CVE-2010-1886: Elevation of privilege using Windows service Isolation Bypass. Windows Server 2003 and 2008 980088 CVE-2010-0255: Vulnerability in Internet Explorer could allow Information Disclosure. Windows XP 975497 CVE-2009-3103: Vulnerabilities in SMB could allow remote code execution. Windows Vista Service Pack 1 and 2 98343 CVE-2010-0817: Vulnerability in SharePoint could allow elevation of privilege. Microsoft SharePoint Version 2.0
2. Only two from the five listed in question one are privileged elevation. 2264072 CVE-210-1886 and 98343 CVE-210-0817. They are of importance but not considered a high priority issue.
3. Advisory Number: 977981 Solution: This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Advisory Number: 979352 Solution: This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Advisory Number: 954157 Solution: The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By only allowing applications to use the Indeo codec when the media content is from the