August 2011

August 2011 Security Bulletin Webcast Q&A

Hosts:                 Jonathan Ness, Security Development Manager

                            Jerry Bryant, Group Manager, Response Communications

Website:             TechNet/security

Chat Topic:        August 2011 Security Bulletin Release

Date:                   Wednesday, August 10, 2011

 

 

Q: Is MS11-061 *ONLY* applicable if you have Remote Desktop Web Access enabled? 

A: Yes, Windows Server 2008 R2
and Windows Server 2008 R2 Service Pack 1 are only affected if the Remote
Desktop Web Access role is enabled on the server.

 

Q: For what types of Excel files will KB2560656MS11-059 -- cause extra prompts for users?

A: Potentially, any type of Excel file can be used. This vulnerability is most common to .xlsx files.

 

Q: Are there known issues for MS11-069? I followed the link from the MS11-069
article to the KB2567951, and then looked at all the KBs listed under "Known Issues and additional Information" and didn't see anything listed as a known issue. Just want to
make sure I am not overlooking something.

A: There are no new known issues for the updates listed in MS11-069. In some cases some of the updates listed in MS11-069 may have low impact, non-actionable issues. These would have been previously documented in individual KB articles as an FYI. We will not be linking to FYI-type KB articles for non-actionable low impact issues, we ask instead that if you encounter a specific issue while installing an updateyou look up the symptom for the problem or the error message you encounter if you see one to find any associated KB article.

 

Q: Why does MS11-059 have a low priority deployment when is a Remote Code Execution (RCE) and an Exploitability Rating (XI) of 1?

A: For this case, the Exploitability Index is
1, but there is a lot of user interaction involved in making this a functioning
exploit. This lowers the deployment rating.

 

Q: Is Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package applicable
to Windows 7 and Windows Server 2008 R2?

A: No. The Report Viewer 2005 SP1 package is not supported on Windows 7 or Windows Server 2008 R2.

 

Q: I saw last week on a PC that the Malicious Software Removal Tool (MSRT) had run on its own, saying it removed something. Does the MSRT do that or is it “scareware” trying to look
like MSRT?

A: Without more context it is hard to know whether it is MSRT or a rogue behavior. MSRT
runs in the background by WU/AU. However when a machine is rebooted, MSRT may
notify the user about the disinfection. Some disinfection requires user’s interaction after reboot.

 

Q: Is there a blocker tool for .Net Framework 4.0 that can be deployed like IE 8/9 blocker tool (defense in depth)?

A: Users can temporarily block the installation of the .NET Framework 4 Client Profile from
WU and WSUS by following the instructions documented in this KB article: http://support.microsoft.com/kb/982320