Bulletin ID: MS11-096 |
Title: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241) |
Update Type: Security Update |
Severity: Important |
Date: 2011-12-13 |
Description: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-3403. See the section, Frequently Asked Questions (FAQ) Related to This Security Update, for more information about how the Office File Validation feature can be configured to block the attack vectors. |
Vulnerabilities: CVE-2011-1986 CVE-2011-1987 CVE-2011-3403 |
Included Updates: 2596954 2640241 |
Applies to: Office 2003 |
Bulletin ID: MS11-095 |
Title: Vulnerability in Active Directory Could Allow Remote Code Execution (2640045) |
Update Type: Security Update |
Severity: Important |
Date: 2011-12-13 |
Description: This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow remote code execution if an attacker logs on to an Active Directory domain and runs a specially crafted application. To exploit this vulnerability, an attacker would first need to acquire credentials to log on to an Active Directory domain. |
Vulnerabilities: CVE-2011-3406 |
Included Updates: 2621146 2626416 2640045 |
Applies to: Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-094 |
Title: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142) |
Update Type: Security Update |
Severity: Important |
Date: 2011-12-13 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited either of the vulnerabilities could take complete control of an affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2011-3396 CVE-2011-3413 |
Included Updates: 2553185 2596764 2596843 2596912 2639142 |
Applies to: Office 2007 Office 2010 |
Bulletin ID: MS11-093 |
Title: Vulnerability in OLE Could Allow Remote Code Execution (2624667) |
Update Type: Security Update |
Severity: Important |
Date: 2011-12-13 |
Description: This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. For more information, see the subsection, Affected and Non-Affected Software, in this section. |
Vulnerabilities: CVE-2011-3400 |
Included Updates: 2624667 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-091 |
Title: Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702) |
Update Type: Security Update |
Severity: Important |
Date: 2011-12-13 |
Description: This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2011-1508 CVE-2011-3410 CVE-2011-3411 CVE-2011-3412 |
Included Updates: 2553084 2596705 2607702 |
Applies to: Office 2003 Office 2007 |
Bulletin ID: MS11-089 |
Title: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602) |
Update Type: Security Update |
Severity: Important |
Date: 2011-12-13 |
Description: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2011-1983 |
Included Updates: 2553132 2553153 2553353 2553374 2589320 2590602 2596785 |
Applies to: Office 2007 Office 2010 |
Bulletin ID: MS11-088 |
Title: Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016) |
Update Type: Security Update |
Severity: Important |
Date: 2011-12-13 |
Description: This security update resolves a privately reported vulnerability in Microsoft Office IME (Chinese). The vulnerability could allow elevation of privilege if a logged-on user performed specific actions on a system where an affected version of the Microsoft Pinyin (MSPY) Input Method Editor (IME) for Simplified Chinese is installed. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. Only implementations of Microsoft Pinyin IME 2010 are affected by this vulnerability. Other versions of Simplified Chinese IME and other implementations of IME are not affected. |
Vulnerabilities: CVE-2011-2010 |
Included Updates: 2596511 2652016 |
Applies to: Office 2010 |
Bulletin ID: MS11-086 |
Title: Vulnerability in Active Directory Could Allow Elevation of Privilege (2630837) |
Update Type: Security Update |
Severity: Important |
Date: 2011-11-08 |
Description: This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. |
Vulnerabilities: CVE-2011-2014 |
Included Updates: 2601626 2616310 2630837 |
Applies to: Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-058 |
Title: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-10-25 |
Description: This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk. |
Vulnerabilities: CVE-2011-1966 CVE-2011-1970 |
Included Updates: 2562485 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 |
Bulletin ID: MS11-082 |
Title: Vulnerabilities in Host Integration Server Could Allow Denial of Service (2607670) |
Update Type: Security Update |
Severity: Important |
Date: 2011-10-11 |
Description: This security update resolves two publicly disclosed vulnerabilities in Host Integration Server. The vulnerabilities could allow denial of service if a remote attacker sends specially crafted network packets to a Host Integration Server listening on UDP port 1478 or TCP ports 1477 and 1478. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. In this case, the Host Integration Server ports should be blocked from the Internet. |
Vulnerabilities: CVE-2011-2007 CVE-2011-2008 |
Included Updates: 2578757 2579597 2579598 2579599 2607670 |
Applies to: Host Integration Server 2004 Host Integration Server 2006 Host Integration Server 2009 Host Integration Server 2010 |
Bulletin ID: MS11-080 |
Title: Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2592799) |
Update Type: Security Update |
Severity: Important |
Date: 2011-10-11 |
Description: This security update resolves a privately reported vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability. |
Vulnerabilities: CVE-2011-2005 |
Included Updates: 2592799 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-074 |
Title: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858) |
Update Type: Security Update |
Severity: Important |
Date: 2011-10-11 |
Description: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 helps to block the attacks in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9, however, is not enabled by default in the Intranet Zone. |
Vulnerabilities: CVE-2011-0653 CVE-2011-1252 CVE-2011-1890 CVE-2011-1891 CVE-2011-1892 CVE-2011-1893 |
Included Updates: 2451858 2493987 2494001 2494007 2494022 2508964 2508965 2552997 2552998 2552999 2553001 2553002 2553003 2553005 2560885 2560890 2566445 2566449 2566450 2566456 2566954 2566958 2566960 |
Applies to: Office 2007 Office 2010 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 |
Bulletin ID: MS11-072 |
Title: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2587505) |
Update Type: Security Update |
Severity: Important |
Date: 2011-10-11 |
Description: This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1986 and CVE-2011-1987. See the section, Frequently Asked Questions (FAQ) Related to This Security Update, for more information about how the Office File Validation feature can be configured to block the attack vectors. |
Vulnerabilities: CVE-2011-1986 CVE-2011-1987 CVE-2011-1988 CVE-2011-1989 CVE-2011-1990 |
Included Updates: 2553070 2553072 2553073 2553074 2553075 2553089 2553090 2553091 2553093 2553094 2553095 2553096 2587505 |
Applies to: Office 2003 Office 2007 Office 2010 |
Bulletin ID: MS11-073 |
Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2587634) |
Update Type: Security Update |
Severity: Important |
Date: 2011-09-13 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file or if a user opens a legitimate Office file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited either of the vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2011-1980 CVE-2011-1982 |
Included Updates: 2584052 2584063 2584066 2587634 |
Applies to: Office 2003 Office 2007 Office 2010 |
Bulletin ID: MS11-070 |
Title: Vulnerability in WINS Could Allow Elevation of Privilege (2571621) |
Update Type: Security Update |
Severity: Important |
Date: 2011-09-13 |
Description: This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS). The vulnerability could allow elevation of privilege if a user received a specially crafted WINS replication packet on an affected system running the WINS service. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. |
Vulnerabilities: CVE-2011-1984 |
Included Updates: 2571621 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 |
Bulletin ID: MS11-069 |
Title: Vulnerability in .NET Framework Could Allow Information Disclosure (2567951) |
Update Type: Security Update |
Severity: Moderate |
Date: 2011-08-23 |
Description: This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow information disclosure if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. |
Vulnerabilities: CVE-2011-1978 |
Included Updates: 2539631 2539633 2539634 2539635 2539636 2567951 |
Applies to: Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-066 |
Title: Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943) |
Update Type: Security Update |
Severity: Important |
Date: 2011-08-09 |
Description: This security update resolves a privately reported vulnerability in ASP.NET Chart controls. The vulnerability could allow information disclosure if an attacker sent a specially crafted GET request to an affected server hosting the Chart controls. Note that this vulnerability would not allow an attacker to execute code or to elevate the attacker's user rights directly, but it could be used to retrieve information that could be used to further compromise the affected system. Only web applications using Microsoft Chart Control are affected by this issue. Default installations of the .NET Framework are not affected. |
Vulnerabilities: CVE-2011-1977 |
Included Updates: 2487367 2500170 2567943 |
Applies to: Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-065 |
Title: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222) |
Update Type: Security Update |
Severity: Important |
Date: 2011-08-09 |
Description: This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow denial of service if an affected system received a sequence of specially crafted RDP packets. Microsoft has also received reports of limited, targeted attacks attempting to exploit this vulnerability. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. |
Vulnerabilities: CVE-2011-1968 |
Included Updates: 2570222 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-062 |
Title: Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454) |
Update Type: Security Update |
Severity: Important |
Date: 2011-08-09 |
Description: This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. For more information, see the subsection, Affected and Non-Affected Software, in this section. |
Vulnerabilities: CVE-2011-1974 |
Included Updates: 2566454 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-061 |
Title: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250) |
Update Type: Security Update |
Severity: Important |
Date: 2011-08-09 |
Description: This security update resolves a privately reported vulnerability in Remote Desktop Web Access. The vulnerability is a cross-site scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the site in the context of the target user. The XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack for its users when browsing to a Remote Desktop Web Access server in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9 is not enabled by default in the Intranet Zone. |
Vulnerabilities: CVE-2011-1263 |
Included Updates: 2546250 |
Applies to: Windows Server 2008 R2 |
Bulletin ID: MS11-060 |
Title: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978) |
Update Type: Security Update |
Severity: Important |
Date: 2011-08-09 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2011-1972 CVE-2011-1979 |
Included Updates: 2553008 2553009 2553010 2560978 |
Applies to: Office 2003 Office 2007 Office 2010 |
Bulletin ID: MS11-055 |
Title: Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847) |
Update Type: Security Update |
Severity: Important |
Date: 2011-07-12 |
Description: This security update resolves a publicly disclosed vulnerability in Microsoft Visio. The vulnerability could allow remote code execution if a user opens a legitimate Visio file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Vulnerabilities: CVE-2010-3148 |
Included Updates: 2493523 2560847 |
Applies to: Office 2003 |
Bulletin ID: MS11-051 |
Title: Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295) |
Update Type: Security Update |
Severity: Important |
Date: 2011-06-14 |
Description: This security update resolves a privately reported vulnerability in Active Directory Certificate Services Web Enrollment. The vulnerability is a cross-site scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the site in the context of the target user. An attacker who successfully exploited this vulnerability would need to send a specially crafted link and convince a user to click the link. In all cases, however, an attacker would have no way to force a user to visit the Web site. Instead, an attacker would have to persuade a user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the vulnerable Web site. |
Vulnerabilities: CVE-2011-1264 |
Included Updates: 2518295 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 |
Bulletin ID: MS11-049 |
Title: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) |
Update Type: Security Update |
Severity: Important |
Date: 2011-06-14 |
Description: This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software products listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system. |
Vulnerabilities: CVE-2011-1280 |
Included Updates: 2251481 2251487 2251489 2494086 2494088 2494089 2494094 2494096 2494100 2494112 2494113 2494120 2494123 2510061 2510065 2543893 2546869 |
Applies to: Office 2007 Office 2010 SQL Server 2005 SQL Server 2008 SQL Server 2008 R2 Visual Studio 2005 Visual Studio 2008 Visual Studio 2010 |
Bulletin ID: MS11-047 |
Title: Vulnerability in Hyper-V Could Allow Denial of Service (2525835) |
Update Type: Security Update |
Severity: Important |
Date: 2011-06-14 |
Description: This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users. |
Vulnerabilities: CVE-2011-1872 |
Included Updates: 2525835 |
Applies to: Windows Server 2008 Windows Server 2008 R2 |
Bulletin ID: MS11-045 |
Title: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146) |
Update Type: Security Update |
Severity: Important |
Date: 2011-06-14 |
Description: This security update resolves eight privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1272, CVE-2011-1273, and CVE-2011-1279. See the section, Frequently Asked Questions (FAQ) Related to This Security Update, for more information about how the Office File Validation feature can be configured to block the attack vectors. Microsoft Excel 2010 is only affected by CVE-2011-1273 described in this bulletin. The automated Microsoft Fix it solution, "Disable Edit in Protected View for Excel 2010," available in Microsoft Knowledge Base Article 2501584, blocks the attack vectors for exploiting CVE-2011-1273. |
Vulnerabilities: CVE-2011-1272 CVE-2011-1273 CVE-2011-1274 CVE-2011-1275 CVE-2011-1276 CVE-2011-1277 CVE-2011-1278 CVE-2011-1279 |
Included Updates: 2523021 2537146 2541003 2541007 2541012 2541015 2541025 |
Applies to: Office 2002/XP Office 2003 Office 2007 Office 2010 |
Bulletin ID: MS11-042 |
Title: Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-06-14 |
Description: This security update resolves two privately reported vulnerabilities in the Microsoft Distributed File System (DFS). The more severe of these vulnerabilities could allow remote code execution when an attacker sends a specially crafted DFS response to a client-initiated DFS request. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. |
Vulnerabilities: CVE-2011-1868 CVE-2011-1869 |
Included Updates: 2535512 |
Applies to: Windows 7 Windows Embedded Standard 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-040 |
Title: Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-06-14 |
Description: This security update resolves a privately reported vulnerability in the Microsoft Forefront Threat Management Gateway (TMG) 2010 Client, formerly named the Microsoft Forefront Threat Management Gateway Firewall Client. The vulnerability could allow remote code execution if an attacker leveraged a client computer to make specific requests on a system where the TMG firewall client is used. |
Vulnerabilities: CVE-2011-1889 |
Included Updates: 2520426 |
Applies to: TMG Firewall Client |
Bulletin ID: MS11-039 |
Title: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-06-14 |
Description: This security update resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. |
Vulnerabilities: CVE-2011-0664 |
Included Updates: 2478656 2478657 2478658 2478659 2478660 2478661 2478662 2478663 2512827 2514842 |
Applies to: Silverlight Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-028 |
Title: Vulnerability in .NET Framework Could Allow Remote Code Execution (2484015) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-06-14 |
Description: This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. |
Vulnerabilities: CVE-2010-3958 |
Included Updates: 2446704 2446708 2446709 2446710 2449741 2449742 2484015 |
Applies to: Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-036 |
Title: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814) |
Update Type: Security Update |
Severity: Important |
Date: 2011-05-10 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1269 and CVE-2011-1270. See the section, Frequently Asked Questions (FAQ) Related to This Security Update, for more information about how the Office File Validation feature can be configured to block the attack vectors. |
Vulnerabilities: CVE-2011-1269 CVE-2011-1270 |
Included Updates: 2535802 2535812 2535818 2540162 2545814 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS11-035 |
Title: Vulnerability in WINS Could Allow Remote Code Execution (2524426) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-05-10 |
Description: This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS). The vulnerability could allow remote code execution if an affected system running the WINS service received a specially crafted WINS replication packet. By default, WINS is not installed on any affected operating system. Only customers who manually installed this component are affected by this issue. | ||||
Vulnerabilities: CVE-2011-1248 |
Included Updates: 2524426 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 |
Bulletin ID: MS11-033 |
Title: Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663) |
Update Type: Security Update |
Severity: Important |
Date: 2011-04-12 |
Description: This security update resolves a privately reported vulnerability in Microsoft Windows. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. For more information, see the subsection, Affected and Non-Affected Software, in this section. | ||||
Vulnerabilities: CVE-2011-0028 |
Included Updates: 2485663 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-029 |
Title: Vulnerability in GDI+ Could Allow Remote Code Execution (2489979) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-04-12 |
Description: This security update resolves a privately reported vulnerability in Microsoft Windows GDI+. The vulnerability could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2011-0041 |
Included Updates: 2412687 2489979 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-023 |
Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293) |
Update Type: Security Update |
Severity: Important |
Date: 2011-04-12 |
Description: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file or if a user opens a legitimate Office file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2011-0107 CVE-2011-0977 |
Included Updates: 2489293 2509461 2509488 2509503 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS11-022 |
Title: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2489283) |
Update Type: Security Update |
Severity: Important |
Date: 2011-04-12 |
Description: This security update resolves three privately reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The automated Microsoft Fix it solution for PowerPoint 2010, "Disable Edit in Protected View for PowerPoint 2010," available in Microsoft Knowledge Base Article 2501584, blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-0655 and CVE-2011-0656. | ||||
Vulnerabilities: CVE-2011-0655 CVE-2011-0656 CVE-2011-0976 |
Included Updates: 2464588 2464594 2464617 2464623 2464635 2489283 2519975 2519984 2520047 |
Applies to: Office 2002/XP Office 2003 Office 2007 Office 2010 |
Bulletin ID: MS11-021 |
Title: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279) |
Update Type: Security Update |
Severity: Important |
Date: 2011-04-12 |
Description: This security update resolves nine privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2011-0097 CVE-2011-0098 CVE-2011-0101 CVE-2011-0103 CVE-2011-0104 CVE-2011-0105 CVE-2011-0978 CVE-2011-0979 CVE-2011-0980 |
Included Updates: 2464583 2466146 2466156 2466158 2466169 2489279 2502786 |
Applies to: Office 2002/XP Office 2003 Office 2007 Office 2010 |
Bulletin ID: MS11-017 |
Title: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062) |
Update Type: Security Update |
Severity: Important |
Date: 2011-03-08 |
Description: This security update resolves a publicly disclosed vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application. | ||||
Vulnerabilities: CVE-2011-0029 |
Included Updates: 2481109 2483614 2483618 2483619 2508062 |
Applies to: Windows 7 Windows Embedded Standard 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-016 |
Title: Vulnerability in Microsoft Groove Could Allow Remote Code Execution (2494047) |
Update Type: Security Update |
Severity: Important |
Date: 2011-03-08 |
Description: This security update resolves a publicly disclosed vulnerability in Microsoft Groove that could allow remote code execution if a user opens a legitimate Groove-related file that is located in the same network directory as a specially crafted library file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2010-3146 |
Included Updates: 2494047 |
Applies to: Office 2007 |
Bulletin ID: MS11-011 |
Title: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802) |
Update Type: Security Update |
Severity: Important |
Date: 2011-02-28 |
Description: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. | ||||
Vulnerabilities: CVE-2010-4398 CVE-2011-0045 |
Included Updates: 2393802 |
Applies to: Windows 7 Windows Embedded Standard 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS10-077 |
Title: Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-02-22 |
Description: This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. | ||||
Vulnerabilities: CVE-2010-3228 |
Included Updates: 2160841 |
Applies to: Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP x64 Edition |
Bulletin ID: MS10-070 |
Title: Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) |
Update Type: Security Update |
Severity: Important |
Date: 2011-02-22 |
Description: This security update resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. The vulnerability could also be used for data tampering: an attacker who successfully exploited it could decrypt and tamper with data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability. | ||||
Vulnerabilities: CVE-2010-3332 |
Included Updates: 2416447 2416451 2416468 2416469 2416470 2416471 2416472 2416473 2416474 2416754 2418042 2418240 2418241 |
Applies to: Windows 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-014 |
Title: Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960) |
Update Type: Security Update |
Severity: Important |
Date: 2011-02-08 |
Description: This security update resolves a privately reported vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of these operating systems. For more information, see the subsection, Affected and Non-Affected Software, in this section. | ||||
Vulnerabilities: CVE-2011-0039 |
Included Updates: 2478960 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-010 |
Title: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687) |
Update Type: Security Update |
Severity: Important |
Date: 2011-02-08 |
Description: This security update resolves a privately reported vulnerability in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS) in Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of these operating systems. For more information, see the subsection, Affected and Non-Affected Software, in this section. | ||||
Vulnerabilities: CVE-2011-0030 |
Included Updates: 2476687 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-008 |
Title: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879) |
Update Type: Security Update |
Severity: Important |
Date: 2011-02-08 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2011-0092 CVE-2011-0093 |
Included Updates: 2434711 2434733 2434737 2451879 |
Applies to: Office 2002/XP Office 2003 Office 2007 |
Bulletin ID: MS11-006 |
Title: Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-02-08 |
Description: This security update resolves a publicly disclosed vulnerability in the Windows Shell graphics processor. The vulnerability could allow remote code execution if a user views a specially crafted thumbnail image. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2010-3970 |
Included Updates: 2483185 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-005 |
Title: Vulnerability in Active Directory Could Allow Denial of Service (2478953) |
Update Type: Security Update |
Severity: Important |
Date: 2011-02-08 |
Description: This security update resolves a publicly disclosed vulnerability in Active Directory. The vulnerability could allow denial of service if an attacker sent a specially crafted packet to an affected Active Directory server. The attacker must have valid local administrator privileges on the domain-joined computer in order to exploit this vulnerability. | ||||
Vulnerabilities: CVE-2011-0040 |
Included Updates: 2478953 |
Applies to: Windows Server 2003 Windows Server 2003, Datacenter Edition |
Bulletin ID: MS11-004 |
Title: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256) |
Update Type: Security Update |
Severity: Important |
Date: 2011-02-08 |
Description: This security update resolves a publicly disclosed vulnerability in Microsoft Internet Information Services (IIS) FTP Service. The vulnerability could allow remote code execution if an FTP server receives a specially crafted FTP command. FTP Service is not installed by default on IIS. | ||||
Vulnerabilities: CVE-2010-3972 |
Included Updates: 2489256 |
Applies to: Windows 7 Windows Server 2008 Windows Server 2008 R2 Windows Vista |
Bulletin ID: MS11-002 |
Title: Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910) |
Update Type: Security Update |
Severity: Critical |
Date: 2011-01-11 |
Description: This security update resolves two privately reported vulnerabilities in Microsoft Data Access Components. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
Vulnerabilities: CVE-2011-0026 CVE-2011-0027 |
Included Updates: 2419632 2419635 2419640 2451910 |
Applies to: Windows 7 Windows Embedded Standard 7 Windows Server 2003 Windows Server 2003, Datacenter Edition Windows Server 2008 Windows Server 2008 R2 Windows Vista Windows XP Windows XP x64 Edition |
Bulletin ID: MS11-001 |
Title: Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935) |
Update Type: Security Update |
Severity: Important |
Date: 2011-01-11 |
Description: This security update resolves a publicly disclosed vulnerability in Windows Backup Manager. The vulnerability could allow remote code execution if a user opens a legitimate Windows Backup Manager file that is located in the same network directory as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open the legitimate file from that location, which in turn could cause Windows Backup Manager to load the specially crafted library file. | ||||
Vulnerabilities: CVE-2010-3145 |
Included Updates: 2478935 |
Applies to: Windows Vista |