250 likes | 401 Views
Information About Microsoft August 2011 Security Bulletins. Jonathan Ness Security Development Manager, MSRC Microsoft Corporation Jerry Bryant Group Manager, Response Communications Microsoft Corporation. What We Will Cover. Review of August 2011 Bulletin release information:
E N D
Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRCMicrosoft Corporation Jerry Bryant Group Manager, Response CommunicationsMicrosoft Corporation
What We Will Cover • Review of August 2011 Bulletin release information: • New Security Bulletins • Security Advisory • Re-released Bulletins • Announcements • Microsoft® Windows®Malicious Software Removal Tool • Resources • Questions and answers: Please Submit Now
Severity and Exploitability Index .NET Framework Windows Windows Windows Windows Internet Explorer Visual Studio Windows .NET Office Windows Windows Windows
MS11-057: Cumulative Security Update for Internet Explorer (2559049)
MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)
MS11-059: Vulnerability in Data Access Components Could Allow Remote Code Execution (2560656)
MS11-060: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978)
MS11-061: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)
MS11-062: Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454)
MS11-063: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)
MS11-064: Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)
MS11-065: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)
MS11-066: Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)
MS11-067: Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)
MS11-068: Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)
MS11-069: Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)
Security Advisories SA 2562937: Update Rollup for ActiveX Kill Bits This Advisory contains killbits for the following third-party software products: • Check Point SSL VPN On-Demand applications (Check Point Software Technologies) • ActBar (IBM) • EBI R Web Toolkit (Honeywell) All three vendors have issued advisories and/or updates on their sites regarding these issues.
Bulletin Re-releases • MS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution • Microsoft is rereleasing this bulletin to add Visual Studio 2010 Service Pack 1 and the Visual C++ 2010 Redistributable Package SP1 as Affected Software. • We are also correcting the file verification information for the Visual C++ 2005 SP1 Redistributable Package, the Visual C++ 2008 SP1 Redistributable Package, and the Visual C++ 2010 Redistributable Package. • MS11-043: Vulnerability in SMB Client Could Allow Remote Code Execution • This bulletin is being re-released to refine the update’s behavior when performing certain data writes. • MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure • This bulletin is being re-released to address additional SKUs.
Announcing… The BlueHat Prize: One week after On August 3 at Black Hat, we introduced the BlueHat Prize, to be awarded to promising defensive-security mitigations. Top award? $200,000. The response to the initial announcement has been gratifying… - See a video overview of the announcement with Senior Security Strategist and program architect Katie Moussouris at www.bluehatprize.com.
Windows Malicious Software Removal Tool (MSRT) • During this release Microsoft will increase detection capability for the following families in the MSRT: • Win32/FakeSysdef: Atop rogue that is causing dramatic customer issues. FakeSysdef tends to kill some antimalware solutions, though MSRT is not susceptible. • Win32/Hiloti: Another prevalent trojan downloader. It’s also known for killing certain antimalware packages, though again MSRT is not susceptible. • Available as a priority update through Windows Update or Microsoft Update. • Is offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove.
Questions and Answers Submit text questions using the “Ask” button. Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog:http://microsoft.com/msrcblogRegister for next month’s webcast at:http://microsoft.com/technet/security/current.aspx
Resources Blogs • Microsoft Security Response Center (MSRC) blog:www.microsoft.com/msrcblog • Security Research & Defense Blog:http://blogs.technet.com/srd • Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ Twitter • @MSFTSecResponse Security Centers • Microsoft Security Home Page: www.microsoft.com/security • TechNet Security Center:www.microsoft.com/technet/security • MSDN Security Developer Center:http://msdn.microsoft.com/en-us/security/default.aspx • Microsoft Malicious Software Removal Tool: www.microsoft.com/malwareremove Bulletins, Advisories, Notifications & Newsletters • Security Bulletins Summary:www.microsoft.com/technet/security/bulletin/summary.mspx • Security Bulletins Search:www.microsoft.com/technet/security/current.aspx • Security Advisories:www.microsoft.com/technet/security/advisory/ • Microsoft Technical Security Notifications:www.microsoft.com/technet/security/bulletin/notify.mspx • Microsoft Security Newsletter:www.microsoft.com/technet/security/secnews Other Resources • Update Management Process:http://www.microsoft.com/technet/security/guidance/patchmanagement/secmod193.mspx • Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners.mspx