SANS ISC: Microsoft Patch Tuesday - SANS Internet Storm Center

Microsoft Patch Tuesday 2011-08-09

MS11-057
  Title: Multiple vulnerabilities in Internet Explorer allow arbitrary code execution with the rights of the logged-on user, and information leaks.
  Replaces: MS11-050
  Affected: MSIE
  KB: KB2559049
  Known Exploits: Yes
  Microsoft Rating: Critical
  ISC Client Rating: Critical
  ISC Server Rating: Critical
  CVE / Exploitability: CVE-2011-1257 / 1
MS11-058
  Title: Multiple vulnerabilities in the DNS server allow arbitrary code execution through NAPTR (Naming Authority Pointer) queries against recursive servers, and denial of service.
  Replaces: MS09-008, MS11-046
  Affected: DNS server
  KB: KB2562485
  Known Exploits: No
  Microsoft Rating: Critical
  ISC Client Rating: N/A
  ISC Server Rating: N/A
  CVE / Exploitability: CVE-2011-1966 / 3
MS11-059
  Title: Data Access Components (MDAC) do not properly restrict the path used for loading external libraries (DLL preloading), allowing arbitrary code execution, e.g. by opening a legitimate Excel file on a network share that also holds a crafted DLL.
  Replaces: none
  Affected: Data Access Components (MDAC), exposed through e.g. Excel
  KB: KB2560656
  Known Exploits: No
  Microsoft Rating: Important
  ISC Client Rating: Important
  ISC Server Rating: Important
  CVE / Exploitability: CVE-2011-1975 / 1
MS11-060
  Title: Multiple vulnerabilities in Visio allow arbitrary code execution with the rights of the logged-on user.
  Replaces: MS11-008
  Affected: Visio
  KB: KB2560978
  Known Exploits: No
  Microsoft Rating: Important
  ISC Client Rating: Critical
  ISC Server Rating: Critical
  CVE / Exploitability: CVE-2011-1972 / 1
MS11-061
  Title: A cross-site scripting (XSS) vulnerability in Remote Desktop Web Access (RD Web Access).
  Replaces: none
  Affected: Remote Desktop Web Access
  KB: KB2546250
  Known Exploits: No
  Microsoft Rating: Important
  ISC Client Rating: Less urgent
  ISC Server Rating: Less urgent
  CVE / Exploitability: CVE-2011-1263 / 1
MS11-062
  Title: The NDISTAPI driver does not properly validate user-mode input before passing it to the Windows kernel, allowing local privilege escalation.
  Replaces: none
  Affected: Remote Access Service (RAS)
  KB: KB2566454
  Known Exploits: No
  Microsoft Rating: Important
  ISC Client Rating: Important
  ISC Server Rating: Important
  CVE / Exploitability: CVE-2011-1974 / 1
MS11-063
  Title: An input validation vulnerability in the Client/Server Run-time Subsystem (CSRSS) allows privilege escalation by running arbitrary code in the context of another process.
  Replaces: MS10-069, MS11-056
  Affected: CSRSS
  KB: KB2567680
  Known Exploits: No
  Microsoft Rating: Important
  ISC Client Rating: Important
  ISC Server Rating: Important
  CVE / Exploitability: CVE-2011-1967 / 1
MS11-064
  Title: Vulnerabilities in how the Windows kernel handles crafted ICMP messages, and in how URL-based Quality of Service (QoS) on web hosts handles crafted URLs, allow denial of service.
  Replaces: MS10-058
  Affected: TCP/IP stack
  KB: KB2563894
  Known Exploits: No
  Microsoft Rating: Important
  ISC Client Rating: Important
  ISC Server Rating: Important
  CVE / Exploitability: CVE-2011-1871 / 3
MS11-065
  Title: A vulnerability in the Remote Desktop Protocol (RDP) implementation allows denial of service of the exposed machine.
  Replaces: none
  Affected: Remote Desktop Protocol (RDP)
  KB: KB2570222
  Known Exploits: Yes
  Microsoft Rating: Important
  ISC Client Rating: Less urgent
  ISC Server Rating: Less urgent
  CVE / Exploitability: CVE-2011-1968 / 3
MS11-066
  Title: An input validation vulnerability in the ASP.NET Chart Control allows retrieval of any file within the ASP.NET application directory.
  Replaces: none
  Affected: ASP.NET Chart Control
  KB: KB2567943
  Known Exploits: No
  Microsoft Rating: Important
  ISC Client Rating: N/A
  ISC Server Rating: N/A
  CVE / Exploitability: CVE-2011-1977 / 3
MS11-067
  Title: A cross-site scripting (XSS) vulnerability in the Microsoft Report Viewer control.
  Replaces: MS09-062
  Affected: Report Viewer
  KB: KB2578230
  Known Exploits: No
  Microsoft Rating: Important
  ISC Client Rating: Important
  ISC Server Rating: Important
  CVE / Exploitability: CVE-2011-1976 / 3
MS11-068
  Title: Access to the metadata of a crafted file (e.g. through a web site or a file share) can cause the Windows kernel to stop responding and restart.
  Replaces: MS10-047
  Affected: Windows kernel
  KB: KB2556532
  Known Exploits: No
  Microsoft Rating: Moderate
  ISC Client Rating: Less urgent
  ISC Server Rating: Less urgent
  CVE / Exploitability: CVE-2011-1971 / 0
MS11-069
  Title: Insufficient access restrictions on the System.Net.Sockets namespace in the .NET Framework allow information leaks and control over network traffic, enabling denial of service or port scanning.
  Replaces: MS11-039
  Affected: .NET Framework
  KB: KB2567951
  Known Exploits: No
  Microsoft Rating: Moderate
  ISC Client Rating: Important
  ISC Server Rating: Important
  CVE / Exploitability: CVE-2011-1978 / 0
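The first thing most readers do with a table like this is check which of the listed KBs are already on their machines. The script below is an added example (not ISC's or Microsoft's code) that takes the bulletin-to-KB mapping from the table above and reports which ones Get-HotFix cannot find on a host. It assumes PowerShell 3.0 or later. One caveat worth knowing before trusting the output: the KB number in the table is the bulletin's master article, and Windows component updates (IE, DNS, MDAC, CSRSS, TCP/IP, RDP, kernel) usually install under that same number, but Office products such as Visio and the .NET/ASP.NET packages ship per-product packages under their own KB numbers that Get-HotFix either lists differently or does not list at all, so a "missing" entry for those is a lead to verify against the bulletin's affected-software table, not proof of exposure.

```powershell
# Added example, not from the ISC page: first-pass audit of a Windows host
# against the KB numbers in the August 2011 bulletin summary above.
# Assumes PowerShell 3.0+ (for [pscustomobject]); Get-HotFix reads the same
# data as "wmic qfe". Office and .NET packages may carry different KB numbers
# than the bulletin-level KB, so treat misses for MS11-060/066/069 as leads.

# Bulletin -> KB mapping, transcribed from the table on this page.
$August2011 = @{
    'MS11-057' = 'KB2559049'   # Internet Explorer, known exploits
    'MS11-058' = 'KB2562485'   # DNS server (NAPTR)
    'MS11-059' = 'KB2560656'   # Data Access Components DLL preloading
    'MS11-060' = 'KB2560978'   # Visio (Office package; see caveat above)
    'MS11-061' = 'KB2546250'   # Remote Desktop Web Access XSS
    'MS11-062' = 'KB2566454'   # NDISTAPI driver
    'MS11-063' = 'KB2567680'   # CSRSS
    'MS11-064' = 'KB2563894'   # TCP/IP stack
    'MS11-065' = 'KB2570222'   # RDP denial of service, known exploits
    'MS11-066' = 'KB2567943'   # ASP.NET Chart Control (see caveat above)
    'MS11-067' = 'KB2578230'   # Report Viewer
    'MS11-068' = 'KB2556532'   # Windows kernel denial of service
    'MS11-069' = 'KB2567951'   # .NET Framework (see caveat above)
}

function Test-AugustPatches {
    # Returns one object per bulletin with an Installed flag; a remote
    # host can be audited by passing -ComputerName (requires remote WMI).
    param([string]$ComputerName = $env:COMPUTERNAME)

    $installed = Get-HotFix -ComputerName $ComputerName |
        ForEach-Object { $_.HotFixID.ToUpper() }

    foreach ($bulletin in ($August2011.Keys | Sort-Object)) {
        $kb = $August2011[$bulletin]
        [pscustomobject]@{
            Computer  = $ComputerName
            Bulletin  = $bulletin
            KB        = $kb
            Installed = ($installed -contains $kb)
        }
    }
}

# Show only what is missing; drop the Where-Object to see the full picture.
Test-AugustPatches |
    Where-Object { -not $_.Installed } |
    Format-Table -AutoSize
```

Pipe the output of Test-AugustPatches to Export-Csv to collect results from several hosts, and cross-check the two bulletins with known exploits (MS11-057 and MS11-065) first.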
We will update issues on this page for about a week or so as they evolve. We appreciate your updates!
US-based customers can call Microsoft for free patch-related support on 1-866-PCSAFETY
(*): ISC rating
  • We use 4 levels:
    • PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments are vulnerable and exploits are being used or are easy to obtain or make.
    • Critical: Anything that needs little to become "interesting" for the dark side. The best approach is to test and deploy ASAP. Workarounds can give more time to test.
    • Important: Things where more testing and other measures can help.
    • Less Urgent: The lowest of the four levels; deploy in the normal patch cycle, but do not forget them.
  • The client and server ratings differ because they reflect how the machine is used, taking into account common practices for servers such as not using Outlook, MSIE, Word etc. to do traditional office or leisure work.
  • The rating is not a risk analysis as such. It is a rating of the importance of the vulnerability and the perceived or even predicted threat.