September '11 Patch Tuesday Detailed
Below you can check out the information Redmond-based software giant Microsoft released about the 5 security bulletins it rolled out this September as part of its Patch Tuesday program. The aforementioned security bulletins are all rated as “important”, could lead to either remote code execution or elevation of privilege, and plug a total of 15 vulnerabilities that plague the Windows operating system and the Microsoft Office productivity suite.
But I digress. As I said, the details Microsoft made public are available below.
MS11-070: Vulnerability in WINS Could Allow Elevation of Privilege
Rating: Important.
Description: a privately reported vulnerability in the Windows Internet Name Service (WINS), vulnerability that could allow elevation of privilege if a user received a specially crafted WINS replication packet on an affected system running the WINS service. To exploit the vulnerability, an attacker must have valid logon credentials and be able to log on locally
Affected software: Microsoft Windows.
MS11-071: Vulnerability in Windows Components Could Allow Remote Code Execution
Rating: Important.
Description: A publicly disclosed vulnerability in Microsoft Windows that could allow remote code execution if a user opens a legitimate rich text format file (.rtf), text file (.txt), or Word document (.doc) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. By successfully exploiting this vulnerability an attacker could gain the same user rights as the local user.
Affected software: Microsoft Windows.
MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
Rating: Important.
Description: five privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Excel file. By successfully exploiting this vulnerability an attacker could gain the same user rights as the local user.
Affected software: Microsoft Office, Microsoft Server Software.
MS11-073: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
Rating: Important.
Description: two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file or if a user opens a legitimate Office file that is located in the same network directory as a specially crafted library file. By successfully exploiting this vulnerability an attacker could gain the same user rights as the local user.
Affected software: Microsoft Office.
MS11-074: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege
Rating: Important.
Description: five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site.
Affected software: Microsoft Office, Microsoft Server Software.
The Microsoft Security Response Center (MSRC) has provided these visual representations of the September 2011 Patch Tuesday.
Tags: Microsoft, Security, Patch Tuesday
But I digress. As I said, the details Microsoft made public are available below.
MS11-070: Vulnerability in WINS Could Allow Elevation of Privilege
Rating: Important.
Description: a privately reported vulnerability in the Windows Internet Name Service (WINS), vulnerability that could allow elevation of privilege if a user received a specially crafted WINS replication packet on an affected system running the WINS service. To exploit the vulnerability, an attacker must have valid logon credentials and be able to log on locally
Affected software: Microsoft Windows.
Advertising
MS11-071: Vulnerability in Windows Components Could Allow Remote Code Execution
Rating: Important.
Description: A publicly disclosed vulnerability in Microsoft Windows that could allow remote code execution if a user opens a legitimate rich text format file (.rtf), text file (.txt), or Word document (.doc) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. By successfully exploiting this vulnerability an attacker could gain the same user rights as the local user.
Affected software: Microsoft Windows.
MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
Rating: Important.
Description: five privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Excel file. By successfully exploiting this vulnerability an attacker could gain the same user rights as the local user.
Affected software: Microsoft Office, Microsoft Server Software.
MS11-073: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
Rating: Important.
Description: two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file or if a user opens a legitimate Office file that is located in the same network directory as a specially crafted library file. By successfully exploiting this vulnerability an attacker could gain the same user rights as the local user.
Affected software: Microsoft Office.
MS11-074: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege
Rating: Important.
Description: five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site.
Affected software: Microsoft Office, Microsoft Server Software.
The Microsoft Security Response Center (MSRC) has provided these visual representations of the September 2011 Patch Tuesday.
Tags: Microsoft, Security, Patch Tuesday
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 28 May 2012
Mozilla introduced a new program meant to educate millions of people, the Mozilla Webmaker program.
By George Norman on 26 May 2012
Piriform updated its products, making CCleaner less annoying and Defraggler a lot faster.Related News
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.
By George Norman on 06 Jan 2012
On the 10th of January 2012, Microsoft will release seven security bulletins as part of its Patch Tuesday program. The aforementioned bulletins are meant to address a total of 8 vulnerabilities that plague the Microsoft Windows operating system and
By George Norman on 12 Mar 2012
A total of six security bulletins will be released on Tuesday, the 13th of March by Microsoft as part of its Patch Tuesday program
By George Norman on 13 Dec 2011
Tuesday, the 13th of December, is December 2011 Patch Tuesday, the last Patch Tuesday of the year. This December Microsoft will release a total of 14 security bulletins to its customers.Advertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
September '11 Patch Tuesday Detailed
HTML Linking Code
HTML Linking Code