February 2011 - Posts

Issued: February 23, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2491888)
- Title: Vulnerability in Microsoft Malware
Protection Engine Could Allow Elevation of Privilege
- http://www.microsoft.com/technet/security/advisory/2491888.mspx
- Revision Note: V1.0 (February 23, 2011): Advisory published.

Issued: February 22, 2011

Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS10-077 - Critical
* MS10-070 - Important

Bulletin Information:

* MS10-077 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms10-077.mspx
- Reason for Revision: V3.0 (February 22, 2011): Announced a
detection change to offer the Microsoft .NET Framework 4.0
update packages to customers who install Microsoft .NET
Framework 4.0 after installing Windows 7 for x64-based
Systems Service Pack 1, Windows Server 2008 R2 for x64-based
Systems Service Pack 1, or Windows Server 2008 R2 for
Itanium-based Systems Service Pack 1. Customers who have
already successfully updated their systems do not need to
take any action.
- Originally posted: October 12, 2010
- Updated: February 22, 2011
- Bulletin Severity Rating: Critical
- Version: 3.0

* MS10-070 - Important

- http://www.microsoft.com/technet/security/bulletin/ms10-070.mspx
- Reason for Revision: V4.0 (February 22, 2011): Announced a
detection change to offer the Microsoft .NET Framework 4.0
(KB2416472) update packages to customers who install
Microsoft .NET Framework 4.0 after installing Windows 7 for
32-bit Systems Service Pack 1, Windows 7 for x64-based
Systems Service Pack 1, Windows Server 2008 R2 for x64-based
Systems Service Pack 1, or Windows Server 2008 R2 for
Itanium-based Systems Service Pack 1. Customers who have
already successfully updated their systems do not need to
take any action.
- Originally posted: September 28, 2010
- Updated: February 22, 2011
- Bulletin Severity Rating: Important
- Version: 4.0

Issued: February 22, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (967940)
- Title: Update for Windows Autorun
- http://www.microsoft.com/technet/security/advisory/967940.mspx
- Revision Note: V2.1 (February 22, 2011): Summary revised to
notify users of a change in the deployment logic for updates
described in this advisory. This change is intended to
minimize the user interaction required to install the updates
on systems configured for automatic updating.

Release date: February 8, 2011

Summary

Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Adobe recommends users of Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.2.152.26.

http://www.adobe.com/support/security/bulletins/apsb11-02.html

Posted Wed, Feb 9 2011 6:33 by Don

Issued: February 8, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (967940)
- Title: Update for Windows Autorun
- http://www.microsoft.com/technet/security/advisory/967940.mspx
- Revision Note: V2.0 (February 8, 2011): Summary and update
FAQ revised to notify users that the 971029 update to Autorun
that restricts AutoPlay functionality to CD and DVD media
will be offered via automatic updating.

* Microsoft Security Advisory (2490606)
- Title: Vulnerability in Graphics Rendering Engine
Could Allow Remote Code Execution
- http://www.microsoft.com/technet/security/advisory/2490606.mspx
- Revision Note: V2.0 (February 8, 2011): Advisory updated to
reflect publication of security bulletin.

* Microsoft Security Advisory (2488013)
- Title: Vulnerability in Internet Explorer Could
Allow Remote Code Execution
- http://www.microsoft.com/technet/security/advisory/2488013.mspx
- Revision Note: V2.0 (February 8, 2011): Advisory updated to
reflect publication of security bulletin.

* Microsoft Security Advisory (2269637)
- Title: Insecure Library Loading Could Allow Remote
Code Execution
- http://www.microsoft.com/technet/security/advisory/2269637.mspx
- Revision Note: V5.0 (February 8, 2011): Added Microsoft
Security Bulletin MS11-003, "Cumulative Security Update for
Internet Explorer," to the Updates relating to Insecure
Library Loading section.

Update for Windows Autorun

Published: February 24, 2009 | Updated: February 08, 2011

Version: 2.0

Microsoft is announcing the availability of updates to the Autorun feature that help to restrict AutoPlay functionality to only CD and DVD media on supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. Restricting AutoPlay functionality to only CD and DVD media can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a USB flash drive, network shares, or other non-CD and non-DVD media containing a file system with an Autorun.inf file.

http://www.microsoft.com/technet/security/advisory/967940.mspx

Note: There may be latency issues due to replication; if the page does not display, keep refreshing.

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

www.microsoft.com/technet/securi···feb.mspx

Critical (3)

Microsoft Security Bulletin MS11-003
Cumulative Security Update for Internet Explorer (2482017)
www.microsoft.com/technet/securi···003.mspx

Microsoft Security Bulletin MS11-006
Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
www.microsoft.com/technet/securi···006.mspx

Microsoft Security Bulletin MS11-007
Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
www.microsoft.com/technet/securi···007.mspx

Important (9)

Microsoft Security Bulletin MS11-004
Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
www.microsoft.com/technet/securi···004.mspx

Microsoft Security Bulletin MS11-005
Vulnerability in Active Directory Could Allow Denial of Service (2478953)
www.microsoft.com/technet/securi···005.mspx

Microsoft Security Bulletin MS11-008
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)
www.microsoft.com/technet/securi···008.mspx

Microsoft Security Bulletin MS11-009
Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)
www.microsoft.com/technet/securi···009.mspx

Microsoft Security Bulletin MS11-010
Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
www.microsoft.com/technet/securi···010.mspx

Microsoft Security Bulletin MS11-011
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
www.microsoft.com/technet/securi···011.mspx

Microsoft Security Bulletin MS11-012
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
www.microsoft.com/technet/securi···012.mspx

Microsoft Security Bulletin MS11-013
Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
www.microsoft.com/technet/securi···013.mspx

Microsoft Security Bulletin MS11-014
Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)
www.microsoft.com/technet/securi···014.mspx

Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above-listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

As always, download the updates only from the vendor's website: visit the Windows Update and Office Update or Microsoft Update websites. You may also get the updates through the Automatic Updates functionality in Windows.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

Event Overview

Join us for a brief overview of the technical details of the February security bulletins. We intend to address your concerns in this webcast; therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Jonathan Ness, Principal Security SDE Lead, MSRC, Microsoft Corporation


Posted Tue, Feb 8 2011 12:49 by Don

This is an advance notification of 12 security bulletins that Microsoft is intending to release on February 8, 2011.

3 rated as Critical and 9 rated as Important.

http://www.microsoft.com/technet/security/bulletin/ms11-feb.mspx