Published: 2010-07-11T06:48+00:00 Last Updated: 2010-07-31T06:23+00:00

JVNTR-2010-19
Vulnerability in Microsoft Windows Help and Support Center (CVE-2010-1885, MS10-042, TA10-194A)

Overview

A vulnerability exists in Microsoft Windows Help and Support Center.

Event Information

Date (UTC)	Description
2010-07-15 23:32	Symantec ThreatCON (2) => (2)
2010-07-14 01:32	JPCERT/CC JPCERT-AT-2010-0018: July 2010 Microsoft Security Bulletin (including three critical patches) Public notification for "Microsoft Security Bulletin Summary for July 2010"
2010-07-13 23:53	Microsoft MS10-042: Microsoft Security Bulletin Summary for July 2010 Security Update (MS10-042) released.
2010-07-13 21:20	US-CERT TA10-194A: Microsoft Updates for Multiple Vulnerabilities Technical Cyber Security Alert publised via US-CERT Mailing List. Public notification for "Microsoft Security Bulletin Summary for July 2010"
2010-07-13 17:30	SANS Internet Storm Center July 2010 Microsoft Black Tuesday Summary Public notification for "Microsoft Security Bulletin Summary for July 2010"
2010-07-13 17:25	US-CERT Microsoft Releases July Security Bulletin US-CERT Current Activity Public notification for "Microsoft Security Bulletin Summary for July 2010"
2010-07-08 18:07	Microsoft ms10-jul: Microsoft Security Bulletin Advance Notification for July 2010 Advance notification for Security Update.
2010-06-28 05:34	JPCERT/CC JPCERT-AT-2010-0016: Zero-day Vulnerability in Windows Help and Support Center Protocol
2010-06-11 21:56	Microsoft Microsoft Security Advisory (2219475): Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution Fix it (Unregister the HCP Protocol) published.
2010-06-10 22:48	Microsoft Microsoft Security Advisory (2219475): Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution Security Advisory (2219475) published.
2010-06-10 21:50	SANS Internet Storm Center Microsoft Security Advisory 2219475 Public notification for "Security Advisory (2219475) ".
2010-06-10 21:26	SANS Internet Storm Center Microsoft Help Centre Handling of Escape Sequences May Lead to Exploit Vulnerability proof-of-concept code has been posted to Mailing List.
2010-06-10 15:01	US-CERT Microsoft Windows Help and Support Center Vulnerability US-CERT Current Activity Public notification for "Security Advisory (2219475) ".
2010-06-10 10:23	Symantec ThreatCON (2) => (2)
2010-06-09 23:46	Full-disclosure Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly Vulnerability proof-of-concept code posted to Mailing List. #Cid:40725_realplayer.ram #Cid:40725.rb #Tested: cpe:/o:microsoft:windows_xp + cpe:/a:microsoft:ie:6 #Tested: cpe:/o:microsoft:windows_xp + cpe:/a:microsoft:ie:7 #Tested: cpe:/o:microsoft:windows_xp + cpe:/a:microsoft:ie:8 + cpe:/a:microsoft:windows_media_player:9
2010-06-05	Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly Vulnerability reported to vendor.
2010-06-05	Trend Micro TROJ_HCPEXP.A

Other Information

CVE	CVE-2010-1885