eWeek: This week's Patch Tuesday release from Microsoft contained fixes for 34 vulnerabilities in 14 security bulletins. They affect Windows, Office, the .Net Framework, Silverlight and Windows Media Player. Microsoft rated eight of the bulletins critical and considers four of them high priority.
Symantec's Joshua Talbot noted that one bulletin should be of particular concern to enterprises. "The SMB [protocol] pool overflow vulnerability [covered in MS10-054] should be a real concern for enterprises," he said. "Not only does it give an attacker system-level access to a compromised SMB server, but the vulnerability occurs before authentication is required from computers contacting the server. This means any system allowing remote access and not protected by a firewall is at risk."