9/15/2011

Microsoft Security Bulletin Summary for September 2011

1. Introduction

Microsoft (MS) released its regular security updates for September 2011.
Users of MS operating systems are strongly recommended to apply the updates to stay protected from the following: Vulnerability in WINS Could Allow Elevation of Privilege, Vulnerability in Windows Components Could Allow Remote Code Execution, Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution, and Vulnerabilities in Microsoft Office Could Allow Remote Code Execution.

2. Update details

[Important]
[MS11-070] Vulnerability in WINS Could Allow Elevation of Privilege (2571621)


Vulnerability : WINS Local Elevation of Privilege Vulnerability - CVE-2011-1984

This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS). The vulnerability could allow elevation of privilege if a user received a specially crafted WINS replication packet on an affected system running the WINS service. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

Affected Software

- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 SP2 Itanium-based
- Windows Server 2008 for 32bit and Windows 2008 for 32bit SP2
- Windows Server 2008 for x64-based and Windows Server 2008 for x64-based SP2
- Windows Server 2008 R2 for x64-based and Windows Server R2 for x64-based SP1

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-070.mspx



[Important]
[MS11-071] Vulnerability in Windows Components Could Allow Remote Code Execution (2570947)


Vulnerability : Windows Components Insecure Library Loading Vulnerability - CVE-2011-1991

This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate rich text format file (.rtf), text file (.txt), or Word document (.doc) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Affected Software

- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 SP2 Itanium-based
- Windows Vista SP2
- Windows Vista x64 Edition SP2
- Windows Server 2008 for 32bit and Windows 2008 for 32bit SP2
- Windows Server 2008 for x64-based and Windows Server 2008 for x64-based SP2
- Windows Server 2008 for Itanium-based and Windows Server 2008 for Itanium SP2
- Windows 7 for 32-bit and Windows 7 for 32bit SP1
- Windows 7 for x64-based and Windows 7 for x64-based SP1
- Windows Server 2008 R2 for x64-based and Windows Server R2 for x64-based SP1
- Windows Server 2008 R2 for Itanium-based and Windows Server 2008 R2 for Itanium SP1

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-071.mspx



[Important]
[MS11-072] Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2587505)


Vulnerability :

- Excel Use after Free WriteAV Vulnerability - CVE-2011-1986
- Excel Out of Bounds Array Indexing Vulnerability - CVE-2011-1987
- Excel Heap Corruption Vulnerability - CVE-2011-1988
- Excel Conditional Expression Parsing Vulnerability - CVE-2011-1989
- Excel Out of Bounds Array Indexing Vulnerability - CVE-2011-1990


This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1986 and CVE-2011-1987.

Affected Software

- Microsoft Office 2003 SP3
- Microsoft Office 2007 SP2
- Microsoft Office 2010 and Microsoft Office 2010 SP1 (32-bit editions)
- Microsoft Office 2010 and Microsoft Office 2010 SP1 (64-bit editions)
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
- Open XML File Format Converter for Mac
- Microsoft Excel Viewer SP2
- Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-072.mspx



[Important]
[MS11-073] Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2587634)


Vulnerability :

- Office Component Insecure Library Loading Vulnerability - CVE-2011-1980
- Office Uninitialized Object Pointer Vulnerability - CVE-2011-1982


This security update resolves two privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file or if a user opens a legitimate Office file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited either of the vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Affected Software

- Microsoft Office 2003 SP3
- Microsoft Office 2007 SP2
- Microsoft Office 2010 and Microsoft Office 2010 SP1 (32-bit editions)
- Microsoft Office 2010 and Microsoft Office 2010 SP1 (64-bit editions)

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-073.mspx



[Important]
[MS11-074] Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858)


Vulnerability :

- XSS in SharePoint Calendar Vulnerability - CVE-2011-0653
- HTML Sanitization Vulnerability - CVE-2011-1252
- Editform Script Injection Vulnerability - CVE-2011-1890
- Contact Details Reflected XSS Vulnerability - CVE-2011-1891
- SharePoint Remote File Disclosure Vulnerability - CVE-2011-1892
- SharePoint XSS Vulnerability - CVE-2011-1893


This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 helps to block the attacks in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9, however, is not enabled by default in the Intranet Zone.

Affected Software

- Microsoft Office Groove 2007 SP2
- Microsoft SharePoint Workspace 2010 and Microsoft SharePoint Workspace 2010 SP1 (32-bit editions)
- Microsoft SharePoint Workspace 2010 and Microsoft SharePoint Workspace 2010 SP1 (64-bit editions)

- Reference site

http://www.microsoft.com/technet/security/bulletin/MS11-074.mspx
