August '11 Patch Tuesday: Details on the Critical Bulletins
As part of the Patch Tuesday program, Microsoft rolled out a grand total of 13 security bulletins on Tuesday, August 9th. These bulletins are meant to address 22 vulnerabilities that affect the Windows operating system, the Internet Explorer web browser, the .NET Framework, and the integrated development environment (IDE) Visual Studio.
The good news is that out of the 13 security bulletins only 2 carry the top severity rating of “critical”. As a little reminder, Microsoft uses the “critical” rating when it deals with vulnerabilities whose exploitation could allow the propagation of an Internet worm without user action.
Microsoft has released additional information on the 2 security bulletins that are rated as critical. Here are those details:
MS11-057 – Cumulative Security Update for Internet Explorer
Description: Five privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user.
Rating: Critical.
Affected software: Microsoft Windows, Internet Explorer.
Most likely attack vector: Victim browses to a malicious webpage.
Exploitability: Microsoft expects to see reliable exploits developed within the next 30 days.
MS11-058 – Vulnerabilities in DNS Server Could Allow Remote Code Execution
Description: Two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk.
Rating: Critical.
Affected software: Microsoft Windows.
Most likely attack vector: Attacker sends name resolution request to victim DNS server that is configured to issue requests to a malicious DNS server. Response from malicious DNS server to victim DNS server is improperly handled, resulting in denial of service on victim DNS server.
Exploitability: Microsoft thinks its unlikely it will see exploits developed in the next 30 days.
For additional information on the security bulletins Microsoft rolled out as part of the August 2011 Patch Tuesday, click here and here.
The Microsoft Security Response Center (MSRC) has provided these visual representations of the August 2011 Patch Tuesday.
The good news is that out of the 13 security bulletins only 2 carry the top severity rating of “critical”. As a little reminder, Microsoft uses the “critical” rating when it deals with vulnerabilities whose exploitation could allow the propagation of an Internet worm without user action.
Microsoft has released additional information on the 2 security bulletins that are rated as critical. Here are those details:
MS11-057 – Cumulative Security Update for Internet Explorer
Description: Five privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user.
Rating: Critical.
Affected software: Microsoft Windows, Internet Explorer.
Most likely attack vector: Victim browses to a malicious webpage.
Exploitability: Microsoft expects to see reliable exploits developed within the next 30 days.
MS11-058 – Vulnerabilities in DNS Server Could Allow Remote Code Execution
Description: Two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk.
Rating: Critical.
Affected software: Microsoft Windows.
Most likely attack vector: Attacker sends name resolution request to victim DNS server that is configured to issue requests to a malicious DNS server. Response from malicious DNS server to victim DNS server is improperly handled, resulting in denial of service on victim DNS server.
Exploitability: Microsoft thinks its unlikely it will see exploits developed in the next 30 days.
For additional information on the security bulletins Microsoft rolled out as part of the August 2011 Patch Tuesday, click here and here.
The Microsoft Security Response Center (MSRC) has provided these visual representations of the August 2011 Patch Tuesday.
