What is the purpose of this alert?
This alert is to provide you with an overview of the new security bulletin(s) being released on February 08, 2011. Security bulletins are released monthly to resolve critical problem vulnerabilities.
New Security Bulletins
Microsoft is releasing the following 12 new security bulletins for newly discovered vulnerabilities. You can check out the details of the bulletins below:
Bulletin ID
Bulletin Title
Max Severity Rating
Vulnerability Impact
Restart Requirement
Affected Software
MS11-003
Cumulative Security Update for Internet Explorer (2482017)
Critical
Remote Code Execution
Requires restart
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS11-004
Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
Important
May require restart
Microsoft Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS11-005
Vulnerability in Active Directory Could Allow Denial of Service (2478953)
Denial of Service
Microsoft Windows Server 2003
MS11-006
Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
MS11-007
Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
MS11-008
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)
Microsoft Visio 2002, Visio 2003, and Visio 2007.
MS11-009
Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)
Information Disclosure
Microsoft Windows 7 and Windows Server 2008 R2.
MS11-010
Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
Elevation of Privilege
Microsoft Windows XP and Windows Server 2003.
MS11-011
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
MS11-012
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
MS11-013
Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
Microsoft Windows XP, Windows Server 2003, Windows 7, and Windows Server 2008 R2.
MS11-014
Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)
Summaries for new bulletin(s) may be found at http://www.microsoft.com/technet/security/bulletin/MS11-feb.mspx.
Microsoft Windows Malicious Software Removal Tool
Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. Information on the Microsoft Windows Malicious Software Removal Tool is available at http://support.microsoft.com/?kbid=890830.
That’s about it for this month folks. Make sure you have a look at the details of these bulletins and apply them to your environments where it makes sense.
Jeffa