Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: Microsoft Patch Monday - SANS Internet Storm Center Microsoft Patch Monday


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft Patch Monday 2011-04-11

MS11-018
Title Cumulative Security Update for Internet Explorer (
Replaces MS11-003
Affected Internet Explorer 6-8
KB KB2497640
Known Exploits No
Microsoft Rating Critical
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2011-0094 1
2011-0346 1
2011-1244 0
2011-1245 3
2011-1345 1
MS11-019
Title Vulnerabilities in SMB Client Could Allow Remote Code Execution (
Replaces MS10-020
Affected Windows
KB KB2511455
Known Exploits No
Microsoft Rating Critical
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2011-0654 2
2011-0660 1
MS11-020
Title Vulnerability in SMB Server Could Allow Remote Code Execution (
Replaces MS10-012, MS10-054
Affected Windows
KB KB2508429
Known Exploits No
Microsoft Rating Critical
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2011-0661 1
MS11-021
Title Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (
Replaces MS10-080, MS10-087
Affected Office XP SP3-2010, Office 2004-2011 for Mac, Open XML File Format Converter, Excel Viewer SP2, Office Compatibility Pack for 2007 file formats
KB KB2489279
Known Exploits No
Microsoft Rating Important
ISC Client Rating Important
ISC Server Rating Important
CVE Exploitability
2011-0097 1
2011-0098 1
2011-0101 1
2011-0103 2
2011-0104 2
2011-0105 2
2011-0978 1
2011-0979 1
2011-0980 1
MS11-022
Title Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (
Replaces MS90-17, MS10-036, MS10-087, MS10-088
Affected PowerPoint
KB KB2489283
Known Exploits No
Microsoft Rating Important
ISC Client Rating Important
ISC Server Rating Important
CVE Exploitability
2011-0655 2
2011-0656 2
2011-0976 1
MS11-023
Title Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (
Replaces MS10-087
Affected Office XP - 2007, Office 2004 - 2008 for Mac, Open XML File Format Converter
KB KB2489293
Known Exploits Yes
Microsoft Rating Important
ISC Client Rating Important
ISC Server Rating Important
CVE Exploitability
2011-0107 1
2011-0977 2
MS11-024
Title Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution
Replaces
Affected Fax Services, Fax Server Role
KB KB2527308
Known Exploits Yes
Microsoft Rating Important
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2010-3974 3
MS11-025
Title Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution
Replaces
Affected Visual Studio .NET 2003 - 2010, Visual C++ 2005 - 2010 Redistributable Package
KB KB2500212
Known Exploits No
Microsoft Rating Important
ISC Client Rating Important
ISC Server Rating Important
CVE Exploitability
2010-3190 1
MS11-026
Title Vulnerability in MHTML Could Allow Information Disclosure
Replaces
Affected MHTML
KB KB2503658
Known Exploits Yes
Microsoft Rating Important
ISC Client Rating Patch now
ISC Server Rating Patch now
CVE Exploitability
2011-0096 3
MS11-027
Title Cumulative Security Update of ActiveX Kill Bits (
Replaces MS10-034
Affected Windows XP- 7, Server 2003-2008
KB KB2508272
Known Exploits Yes
Microsoft Rating Critical
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2010-0811 0
2011-1243 0
2010-3973 0
MS11-028
Title Vulnerability in .NET Framework Could Allow Remote Code Execution (
Replaces MS90-61, MS10-060, MS10-077
Affected .NET framework (all supported version)
KB KB2484015
Known Exploits No
Microsoft Rating Critical
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2010-3958 1
MS11-029
Title Vulnerability in GDI+ Could Allow Remote Code Execution (
Replaces MS90-62, MS10-087
Affected Windows XP-Vista, Windows Server 2003-2008, Office XP
KB KB2489979
Known Exploits No
Microsoft Rating Critical
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2011-0041 1
MS11-030
Title Vulnerability in DNS Resolution Could Allow Remote Code Execution (
Replaces MS80-20, MS80-37, MS80-66
Affected Windows XP - 7, Windows Server 2008
KB KB2509553
Known Exploits No
Microsoft Rating Critical
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2011-0657 2
MS11-031
Title Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (
Replaces MS90-45, MS10-022, MS11-009
Affected OpenType Compact Font Format (CFF) driver
KB KB2514666
Known Exploits No
Microsoft Rating Critical
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2011-0663 2
MS11-032
Title Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (
Replaces MS11-007
Affected OpenType Compact Font Format (CFF) driver
KB KB2507618
Known Exploits No
Microsoft Rating Critical
ISC Client Rating Critical
ISC Server Rating Critical
CVE Exploitability
2011-0034 3
MS11-033
Title Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (
Replaces MS10-067
Affected Microsoft Wordpad
KB KB2485663
Known Exploits No
Microsoft Rating Important
ISC Client Rating Important
ISC Server Rating Important
CVE Exploitability
2011-0028 1
MS11-034
Title Elevation of Privilege Vulnerabilities in Windows Kernel-Mode Drivers
Replaces MS10-012
Affected Kernel Mode Drivers
KB KB2506223
Known Exploits No
Microsoft Rating Important
ISC Client Rating Important
ISC Server Rating Important
CVE Exploitability
2011-0662 1
2011-0665 1
2011-0666 1
2011-0667 1
2011-0670 1
2011-0671 1
2011-0672 1
2011-0673 1
2011-0674 1
2011-0675 1
2011-0676 1
2011-0677 1
2011-1225 1
2011-1226 1
2011-1227 1
2011-1228 1
2011-1229 1
2011-1230 1
2011-1231 1
2011-1232 1
2011-1233 1
2011-1234 2
2011-1235 1
2011-1236 1
2011-1237 1
2011-1238 3
2011-1239 1
2011-1240 1
2011-1241 1
2011-1242 1
We will update issues on this page for about a week or so as they evolve. We appreciate your updates!
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
(*): ISC rating
  • We use 4 levels:
    • PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
    • Critical: Anything that needs little to become "interesting" for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
    • Important: Things where more testing and other measures can help.
    • Less Urgent: practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
    • The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threatatches.