1 / 25

Information About Microsoft August 2011 Security Bulletins

Information About Microsoft August 2011 Security Bulletins. Jonathan Ness Security Development Manager, MSRC Microsoft Corporation Jerry Bryant Group Manager, Response Communications Microsoft Corporation. What We Will Cover. Review of August 2011 Bulletin release information:

brick
Download Presentation

Information About Microsoft August 2011 Security Bulletins

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRCMicrosoft Corporation Jerry Bryant Group Manager, Response CommunicationsMicrosoft Corporation

  2. What We Will Cover • Review of August 2011 Bulletin release information: • New Security Bulletins • Security Advisory • Re-released Bulletins • Announcements • Microsoft® Windows®Malicious Software Removal Tool • Resources • Questions and answers: Please Submit Now

  3. Severity and Exploitability Index .NET Framework Windows Windows Windows Windows Internet Explorer Visual Studio Windows .NET Office Windows Windows Windows

  4. Bulletin Deployment Priority

  5. MS11-057: Cumulative Security Update for Internet Explorer (2559049)

  6. MS11-058:  Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)

  7. MS11-059: Vulnerability in Data Access Components Could Allow Remote Code Execution (2560656)

  8. MS11-060:  Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978)

  9. MS11-061:  Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)

  10. MS11-062:  Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454)

  11. MS11-063:  Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)

  12. MS11-064:  Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)

  13. MS11-065: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)

  14. MS11-066: Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)

  15. MS11-067: Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)

  16. MS11-068: Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)

  17. MS11-069:  Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)

  18. Detection & Deployment

  19. Other Update Information

  20. Security Advisories SA 2562937: Update Rollup for ActiveX Kill Bits This Advisory contains killbits for the following third-party software products: • Check Point SSL VPN On-Demand applications (Check Point Software Technologies) • ActBar (IBM) • EBI R Web Toolkit (Honeywell) All three vendors have issued advisories and/or updates on their sites regarding these issues.

  21. Bulletin Re-releases • MS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution • Microsoft is rereleasing  this bulletin to add Visual Studio 2010 Service Pack 1 and the Visual C++ 2010 Redistributable Package SP1 as Affected Software. • We are also correcting the file verification information for the Visual C++ 2005 SP1 Redistributable Package, the Visual C++ 2008 SP1 Redistributable Package, and the Visual C++ 2010 Redistributable Package. • MS11-043: Vulnerability in SMB Client Could Allow Remote Code Execution • This bulletin is being re-released to refine the update’s behavior when performing certain data writes. • MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure • This bulletin is being re-released to address additional SKUs.

  22. Announcing… The BlueHat Prize: One week after On August 3 at Black Hat, we introduced the BlueHat Prize, to be awarded to promising defensive-security mitigations. Top award? $200,000. The response to the initial announcement has been gratifying… - See a video overview of the announcement with Senior Security Strategist and program architect Katie Moussouris at www.bluehatprize.com.

  23. Windows Malicious Software Removal Tool (MSRT) • During this release Microsoft will increase detection capability for the following families in the MSRT: • Win32/FakeSysdef: Atop rogue that is causing dramatic customer issues.  FakeSysdef tends to kill some antimalware solutions, though MSRT is not susceptible. • Win32/Hiloti: Another prevalent trojan downloader.  It’s also known for killing certain antimalware packages, though again MSRT is not susceptible. • Available as a priority update through Windows Update or Microsoft Update. • Is offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove.

  24. Questions and Answers Submit text questions using the “Ask” button. Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog:http://microsoft.com/msrcblogRegister for next month’s webcast at:http://microsoft.com/technet/security/current.aspx

  25. Resources Blogs • Microsoft Security Response Center (MSRC) blog:www.microsoft.com/msrcblog • Security Research & Defense Blog:http://blogs.technet.com/srd • Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ Twitter • @MSFTSecResponse Security Centers • Microsoft Security Home Page: www.microsoft.com/security • TechNet Security Center:www.microsoft.com/technet/security • MSDN Security Developer Center:http://msdn.microsoft.com/en-us/security/default.aspx • Microsoft Malicious Software Removal Tool: www.microsoft.com/malwareremove Bulletins, Advisories, Notifications & Newsletters • Security Bulletins Summary:www.microsoft.com/technet/security/bulletin/summary.mspx • Security Bulletins Search:www.microsoft.com/technet/security/current.aspx • Security Advisories:www.microsoft.com/technet/security/advisory/ • Microsoft Technical Security Notifications:www.microsoft.com/technet/security/bulletin/notify.mspx • Microsoft Security Newsletter:www.microsoft.com/technet/security/secnews Other Resources • Update Management Process:http://www.microsoft.com/technet/security/guidance/patchmanagement/secmod193.mspx • Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners.mspx

More Related