With this month's bulletin release, I want to highlight the great work done through our partnerships in the Microsoft Active Protections Program (MAPP). MAPP represents our commitment to community based defense and a shared sense of responsibility to help protect the computing ecosystem. In July of this year, the Stuxnet malware emerged onto the threat landscape and resulted in the release of an out-of-band security update, MS10-046, to address a zero-day vulnerability the malware used to compromise systems. Additionally, we updated the Microsoft Malicious Software Removal Tool (MSRT) in August to remove Stuxnet and we are able to report that according to our telemetry, the threat has gone way down from the spike we saw in early August.
Since that time, Microsoft and partners in our MAPP program have continued to investigate this extremely complex malware. Today, we are releasing MS10-061 to address another vulnerability first discovered and reported to us by Kaspersky Lab and then later by Symantec. This vulnerability in the Print Spooler Service is rated Critical for Windows XP and Important on all other affected platforms and is used by Stuxnet to spread to systems inside the network where the Print Spooler service is exposed without authentication.
