12345

7/13/2011

Microsoft Security Bulletin Summary for July 2011

1. Introduction

Microsoft (MS) regular security updates were released for July 2011.
Strongly recommended general user updates to be safe from the vulnerabilities through updating Windows OS security Update for Bluetooth, Microsoft Visio, Windows kernel-mode drivers, Client Remote Code Execution.

Microsoft Security Bulletin Summary for July 2011
 http://www.microsoft.com/technet/security/bulletin/ms11-jul.mspx

2. Updates details 

[Critical]
[MS11-053] Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)

Vulnerability

Bluetooth Stack Vulnerability - CVE-2011-1265

This security update resolves a privately reported vulnerability in the Windows Bluetooth Stack. The vulnerability could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability only affects systems with Bluetooth capability.

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-053.mspx

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

[Important]

[MS11-054] Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917)

Vulnerabilities

Win32k Use After Free Vulnerability - CVE-2011-1875
Win32k Use After Free Vulnerability - CVE-2011-1876
Win32k Use After Free Vulnerability - CVE-2011-1877
Win32k Use After Free Vulnerability - CVE-2011-1878
Win32k Use After Free Vulnerability - CVE-2011-1879
Win32k Null Pointer De-reference Vulnerability - CVE-2011-1880
Win32k Null Pointer De-reference Vulnerability - CVE-2011-1881
Win32k Use After Free Vulnerability - CVE-2011-1882
Win32k Use After Free Vulnerability - CVE-2011-1883
Win32k Use After Free Vulnerability - CVE-2011-1884
Win32k Null Pointer De-reference Vulnerability - CVE-2011-1885
Win32k Incorrect Parameter Allows Information Disclosure Vulnerability - CVE-2011-1886
Win32k Null Pointer De-reference Vulnerability - CVE-2011-1887
Win32k Null Pointer De-reference Vulnerability - CVE-2011-1888


This security update resolves 15 privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.

◈ Affected Softwares

- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 SP2 Itanium-based
- Windows Vista SP1, SP2
- Windows Vista x64 Edition SP2
- Windows Server 2008 for 32bit and Windows 2008 for 32bit SP2
- Windows Server 2008 for x64-based and Windows Server 2008 for x64-based SP2
- Windows Server 2008 for Itanium-based and Windows Server 2008 for Itanium SP2
- Windows 7 for 32-bit and Windows 7 for 32bit SP1
- Windows 7 for x64-based and Windows 7 for x64-based SP1
- Windows Server 2008 R2 for x64-based and Windows Server R2 for x64-based SP1
- Windows Server 2008 R2 for Itanium-based and Windows Server 2008 R2 for Itanium SP2

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-054.mspx


━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

[Important]
[MS11-055] Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847)


Vulnerability


Microsoft Visio Insecure Library Loading Vulnerability - CVE-2010-3148

This security update resolves a publicly disclosed vulnerability in Microsoft Visio. The vulnerability could allow remote code execution if a user opens a legitimate Visio file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

◈ Affected Software


- Visio 2003 Service Pack 3

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-055.mspx


━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

[Important]
[MS11-056] Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)


Vulnerabilities

CSRSS Local EOP AllocConsole Vulnerability - CVE-2011-1281
CSRSS Local EOP SrvSetConsoleLocalEUDC Vulnerability - CVE-2011-1282
CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability - CVE-2011-1283
CSRSS Local EOP SrvWriteConsoleOutput Vulnerability - CVE-2011-1284
CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability - CVE-2011-1870


This security update resolves five privately reported vulnerabilities in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS). The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities.


◈ Affected Software

- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 SP2 Itanium-based
- Windows Vista SP1, SP2
- Windows Vista x64 Edition SP2
- Windows Server 2008 for 32bit and Windows 2008 for 32bit SP2
- Windows Server 2008 for x64-based and Windows Server 2008 for x64-based SP2
- Windows Server 2008 for Itanium-based and Windows Server 2008 for Itanium SP2
- Windows 7 for 32-bit and Windows 7 for 32bit SP1
- Windows 7 for x64-based and Windows 7 for x64-based SP1
- Windows Server 2008 R2 for x64-based and Windows Server R2 for x64-based SP1
- Windows Server 2008 R2 for Itanium-based and Windows Server 2008 R2 for Itanium SP2


- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-056.mspx

1 comment: