8/10/2011

Microsoft Security Bulletin Summary for August 2011

1. Introduction

Microsoft (MS) released its regular security updates for August 2011.
Users of Microsoft operating systems are strongly recommended to apply the updates to stay safe from the issues addressed in August: the Internet Explorer cumulative security update, vulnerabilities in DNS Server, Data Access Components, Microsoft Visio and Remote Desktop Web Access, and remote code execution, elevation of privilege and denial of service issues, including vulnerabilities in the TCP/IP stack.

2. Update details

[Critical]
[MS11-057] Cumulative Security Update for Internet Explorer (2559049)


Vulnerability: Window Open Race Condition Vulnerability - CVE-2011-1257
Event Handlers Information Disclosure Vulnerability - CVE-2011-1960
Telnet Handler Remote Code Execution Vulnerability - CVE-2011-1961
Shift JIS Character Encoding Vulnerability - CVE-2011-1962
XSLT Memory Corruption Vulnerability - CVE-2011-1963
Style Object Memory Corruption Vulnerability - CVE-2011-1964
Drag and Drop Information Disclosure Vulnerability - CVE-2011-2383

This security update resolves five privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

◈ Affected Software

- Internet Explorer 6 with Windows XP Service Pack 3
- Internet Explorer 6 with Windows XP Professional x64 Edition SP2
- Internet Explorer 6 with Windows Server 2003 SP2
- Internet Explorer 6 with Windows Server 2003 x64 Edition SP2
- Internet Explorer 6 with Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 7 with Windows XP SP3
- Internet Explorer 7 with Windows XP Professional x64 Edition SP2
- Internet Explorer 7 with Windows Server 2003 SP2
- Internet Explorer 7 with Windows Server 2003 x64 Edition SP2
- Internet Explorer 7 with Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 7 with Windows Vista SP2
- Internet Explorer 7 with Windows Vista x64 Edition SP2
- Internet Explorer 7 with Windows Server 2008 for 32-bit Systems SP2
- Internet Explorer 7 with Windows Server 2008 for x64-based Systems SP2
- Internet Explorer 7 with Windows Server 2008 for Itanium-based Systems SP2
- Internet Explorer 8 with Windows XP SP3
- Internet Explorer 8 with Windows XP Professional x64 Edition SP2
- Internet Explorer 8 with Windows Server 2003 SP2
- Internet Explorer 8 with Windows Server 2003 x64 Edition SP2
- Internet Explorer 8 with Windows 7 for 32-bit and Windows 7 for 32-bit SP1
- Internet Explorer 8 with Windows 7 for x64-based and Windows 7 for x64-based SP1
- Internet Explorer 8 with Windows Vista SP2
- Internet Explorer 8 with Windows Vista x64 Edition SP2
- Internet Explorer 8 with Windows Server 2008 for 32-bit Systems SP2
- Internet Explorer 8 with Windows Server 2008 for 64-bit Systems SP2
- Internet Explorer 8 with Windows 2008 R2 for x64-based Systems SP1
- Internet Explorer 8 with Windows 2008 R2 for Itanium-based Systems SP1
- Internet Explorer 9 with Windows Vista SP2
- Internet Explorer 9 with Windows Vista x64 Edition SP2
- Internet Explorer 9 with Windows Server 2008 for 32-bit SP2
- Internet Explorer 9 with Windows Server 2008 for 64-bit SP2
- Internet Explorer 9 with Windows 7 for 32-bit and Windows 7 for 32-bit SP1
- Internet Explorer 9 with Windows 7 for x64-based and Windows 7 for x64-based SP1
- Internet Explorer 9 with Windows Server 2008 R2 for 64-bit and Windows Server 2008 R2 for 64-bit SP1

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-057.mspx



[Critical]
[MS11-058] Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)


Vulnerability: DNS NAPTR Query Vulnerability - CVE-2011-1966
DNS Uninitialized Memory Corruption Vulnerability - CVE-2011-1970

This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk.

◈ Affected Software

- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 SP2 Itanium-based
- Windows Server 2008 for x64-based and Windows Server 2008 for x64-based SP2
- Windows Server 2008 R2 for x64-based and Windows Server 2008 R2 for x64-based SP1

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-058.mspx




[Important]
[MS11-059] Vulnerability in Data Access Components Could Allow Remote Code Execution (2560656)


Vulnerability: Data Access Components Insecure Library Loading Vulnerability - CVE-2011-1975

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate Excel file (such as a .xlsx file) that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

◈ Affected Software

- Windows 7 for 32-bit and Windows 7 for 32bit SP1
- Windows 7 for x64-based and Windows 7 for x64-based SP1
- Windows Server 2008 R2 for x64-based and Windows Server 2008 R2 for x64-based SP1
- Windows Server 2008 R2 for Itanium-based and Windows Server 2008 R2 for Itanium SP2

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-059.mspx



[Important]
[MS11-060] Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978)


Vulnerability: pStream Release RCE Vulnerability - CVE-2011-1972
Move Around the Block RCE Vulnerability - CVE-2011-1979

This security update resolves two privately reported vulnerabilities in Microsoft Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

◈ Affected Software

- Microsoft Visio 2003 Service Pack 3
- Microsoft Visio 2007 Service Pack 2
- Microsoft Visio 2010 and Microsoft Visio 2010 Service Pack 1 (32-bit editions)
- Microsoft Visio 2010 and Microsoft Visio 2010 Service Pack 1 (64-bit editions)

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-060.mspx



[Important]
[MS11-061] Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)


Vulnerability: Remote Desktop Web Access Vulnerability - CVE-2011-1263

This security update resolves a privately reported vulnerability in Remote Desktop Web Access. The vulnerability is a cross-site scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the site in the context of the target user. The XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack for its users when browsing to a Remote Desktop Web Access server in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9 is not enabled by default in the Intranet Zone.

◈ Affected Software

- Windows Server 2008 R2 for Itanium-based and Windows Server 2008 R2 for Itanium SP2

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-061.mspx



[Important]
[MS11-062] Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454)


Vulnerability: NDISTAPI Elevation of Privilege Vulnerability - CVE-2011-1974

This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. For more information, see the subsection, Affected and Non-Affected Software, in this section.

◈ Affected Software

- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 SP2 Itanium-based

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-062.mspx



[Important]
[MS11-063] Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)


Vulnerability: CSRSS Vulnerability - CVE-2011-1967

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to send a device event message to a higher-integrity process. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

◈ Affected Software

- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 SP2 Itanium-based
- Windows Vista SP2
- Windows Vista x64 Edition SP2
- Windows Server 2008 for 32bit and Windows 2008 for 32bit SP2
- Windows Server 2008 for x64-based and Windows Server 2008 for x64-based SP2
- Windows Server 2008 for Itanium-based and Windows Server 2008 for Itanium SP2
- Windows 7 for 32-bit and Windows 7 for 32bit SP1
- Windows 7 for x64-based and Windows 7 for x64-based SP1
- Windows Server 2008 R2 for x64-based and Windows Server 2008 R2 for x64-based SP1
- Windows Server 2008 R2 for Itanium-based and Windows Server 2008 R2 for Itanium SP1

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-063.mspx



[Important]
[MS11-064] Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)


Vulnerability: ICMP Denial of Service Vulnerability - CVE-2011-1871
TCP/IP QOS Denial of Service Vulnerability - CVE-2011-1965

This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow denial of service if an attacker sends a sequence of specially crafted Internet Control Message Protocol (ICMP) messages to a target system or sends a specially crafted URL request to a server that is serving Web content and has the URL-based Quality of Service (QoS) feature enabled.

◈ Affected Software

- Windows Vista SP1, SP2
- Windows Vista x64 Edition SP2
- Windows Server 2008 for 32bit and Windows 2008 for 32bit SP2
- Windows Server 2008 for x64-based and Windows Server 2008 for x64-based SP2
- Windows Server 2008 for Itanium-based and Windows Server 2008 for Itanium SP2
- Windows 7 for 32-bit and Windows 7 for 32bit SP1
- Windows 7 for x64-based and Windows 7 for x64-based SP1
- Windows Server 2008 R2 for x64-based and Windows Server 2008 R2 for x64-based SP1
- Windows Server 2008 R2 for Itanium-based and Windows Server 2008 R2 for Itanium SP1

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-064.mspx



[Important]
[MS11-065] Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)


Vulnerability: Remote Desktop Protocol Vulnerability - CVE-2011-1968

This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow denial of service if an affected system received a sequence of specially crafted RDP packets. Microsoft has also received reports of limited, targeted attacks attempting to exploit this vulnerability. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system.

◈ Affected Software

- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 SP2 Itanium-based

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-065.mspx



[Important]
[MS11-066] Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)


Vulnerability: Chart Control Information Disclosure Vulnerability - CVE-2011-1977

This security update resolves a privately reported vulnerability in ASP.NET Chart controls. The vulnerability could allow information disclosure if an attacker sent a specially crafted GET request to an affected server hosting the Chart controls. Note that this vulnerability would not allow an attacker to execute code or to elevate the attacker's user rights directly, but it could be used to retrieve information that could be used to further compromise the affected system. Only web applications using Microsoft Chart Control are affected by this issue. Default installations of the .NET Framework are not affected.

◈ Affected Software

- Windows XP SP3 for Microsoft .NET Framework 4
- Windows XP Professional x64 Edition SP2 Microsoft .NET Framework 4
- Windows Server 2003 SP2 for Microsoft .NET Framework 4
- Windows Server 2003 x64 Edition SP2 for Microsoft .NET Framework 4
- Windows Server 2003 with SP2 for Itanium-based Systems Microsoft .NET Framework 4
- Windows Vista SP2 for Microsoft .NET Framework 4
- Windows Vista x64 Edition SP2 for Microsoft .NET Framework 4
- Windows Server 2008 for 32-bit Systems SP2 for Microsoft .NET Framework 4
- Windows Server 2008 for x64-based Systems SP2 for Microsoft .NET Framework 4
- Windows Server 2008 for Itanium-based Systems SP2 for Microsoft .NET Framework 4
- Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems SP1 for Microsoft .NET Framework 4
- Windows 7 for x64-based Systems and Windows 7 for x64-based Systems SP1 for Microsoft .NET Framework 4
- Windows Server 2008 R2 for x64-based Systems for Microsoft .NET Framework 4
- Windows Server 2008 R2 for x64-based Systems SP1 for Microsoft .NET Framework 4
- Windows Server 2008 R2 for Itanium-based Systems for Microsoft .NET Framework 4
- Windows Server 2008 R2 for Itanium-based Systems SP1 for Microsoft .NET Framework 4

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-066.mspx



[Important]
[MS11-067] Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)


Vulnerability: Report Viewer Controls XSS Vulnerability - CVE-2011-1976

This security update resolves a privately reported vulnerability in Microsoft Report Viewer. The vulnerability could allow information disclosure if a user views a specially crafted Web page. In all cases, however, an attacker would have no way to force a user to visit the Web site. Instead, an attacker would have to persuade a user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the vulnerable Web site.

◈ Affected Software

- Microsoft Visual Studio 2005 SP1
- Microsoft Report Viewer 2005 SP1 Redistributable Package

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-067.mspx



[Moderate]
[MS11-068] Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)


Vulnerability: Windows Kernel Metadata Parsing DOS Vulnerability - CVE-2011-1971

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user visits a network share (or visits a Web site that points to a network share) containing a specially crafted file. In all cases, however, an attacker would have no way to force a user to visit such a network share or Web site. Instead, an attacker would have to convince a user to do so, typically by getting the user to click a link in an e-mail message or Instant Messenger message.

◈ Affected Software

- Windows Vista SP1, SP2
- Windows Vista x64 Edition SP2
- Windows Server 2008 for 32bit and Windows 2008 for 32bit SP2
- Windows Server 2008 for x64-based and Windows Server 2008 for x64-based SP2
- Windows Server 2008 for Itanium-based and Windows Server 2008 for Itanium SP2
- Windows 7 for 32-bit and Windows 7 for 32bit SP1
- Windows 7 for x64-based and Windows 7 for x64-based SP1
- Windows Server 2008 R2 for x64-based and Windows Server 2008 R2 for x64-based SP1
- Windows Server 2008 R2 for Itanium-based and Windows Server 2008 R2 for Itanium SP1

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-068.mspx



[Moderate]
[MS11-069] Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)


Vulnerability: Socket Restriction Bypass Vulnerability - CVE-2011-1978

This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow information disclosure if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions.

◈ Affected Software

- Windows XP SP3 for Microsoft .NET Framework 2.0 SP2
- Windows XP SP3 for Microsoft .NET Framework 4
- Windows XP Professional x64 Edition SP2 for Microsoft .NET Framework 2.0 SP2
- Windows XP Professional x64 Edition SP2 for Microsoft .NET Framework 4
- Windows Server 2003 SP2 for Microsoft .NET Framework 2.0 SP2
- Windows Server 2003 SP2 for Microsoft .NET Framework 4
- Windows Server 2003 x64 Edition SP2 for Microsoft .NET Framework 2.0 SP2
- Windows Server 2003 x64 Edition SP2 for Microsoft .NET Framework 4
- Windows Server 2003 SP2 Itanium-based for Microsoft .NET Framework 2.0 SP2
- Windows Server 2003 SP2 Itanium-based for Microsoft .NET Framework 4
- Windows Vista SP2 for Microsoft .NET Framework 2.0 SP2
- Windows Vista SP2 for Microsoft .NET Framework 4
- Windows Vista x64 Edition SP2 for Microsoft .NET Framework 2.0 SP2
- Windows Vista x64 Edition SP2 for Microsoft .NET Framework 4
- Windows Server 2008 for 32bit for Microsoft .NET Framework 2.0 SP2
- Windows Server 2008 for 32bit for Microsoft .NET Framework 4
- Windows 2008 for 32bit SP2 for Microsoft .NET Framework 2.0 SP2
- Windows 2008 for 32bit SP2 for Microsoft .NET Framework 4
- Windows Server 2008 for x64-based for Microsoft .NET Framework 2.0 SP2
- Windows Server 2008 for x64-based for Microsoft .NET Framework 4
- Windows Server 2008 for x64-based SP2 for Microsoft .NET Framework 2.0 SP2
- Windows Server 2008 for x64-based SP2 for Microsoft .NET Framework 4
- Windows Server 2008 for Itanium-based for Microsoft .NET Framework 2.0 SP2
- Windows Server 2008 for Itanium-based for Microsoft .NET Framework 4
- Windows Server 2008 for Itanium SP2 for Microsoft .NET Framework 2.0 SP2
- Windows Server 2008 for Itanium SP2 for Microsoft .NET Framework 4
- Windows 7 for 32-bit for Microsoft .NET Framework 3.5.1
- Windows 7 for 32-bit for Microsoft .NET Framework 4
- Windows 7 for 32bit SP1 for Microsoft .NET Framework 3.5.1
- Windows 7 for 32bit SP1 for Microsoft .NET Framework 4
- Windows 7 for x64-based for Microsoft .NET Framework 3.5.1
- Windows 7 for x64-based SP1 for Microsoft .NET Framework 4
- Windows Server 2008 R2 for x64-based for Microsoft .NET Framework 3.5.1
- Windows Server 2008 R2 for x64-based SP1 for Microsoft .NET Framework 4
- Windows Server 2008 R2 for Itanium-based for Microsoft .NET Framework 3.5.1
- Windows Server 2008 R2 for Itanium SP1 for Microsoft .NET Framework 4

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-069.mspx
