March 2011 - Posts

Issued: March 23, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2524375)
- Title: Fraudulent Digital Certificates Could Allow Spoofing
- http://www.microsoft.com/technet/security/advisory/2524375.mspx
- Revision Note: V1.0 (March 23, 2011): Advisory published.

v.4.0, released March 22nd, 2011

Check out what’s new, the known issues and frequently asked questions about the latest version of Firefox.

Firefox 4 Release Notes

Posted Tue, Mar 22 2011 12:43 by Don

Issued: March 16, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-015 - Critical

Bulletin Information:

* MS11-015 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms11-015.mspx
- Reason for Revision: V1.2 (March 16, 2011): Removed erroneous
references to Windows XP Home Edition Service Pack 3 and
Windows XP Tablet PC Edition Service Pack 3 in Non-Affected
Software. This is an informational change only. There were no
changes to the security update files or detection logic. For
customers who are running Windows XP Home Edition or Windows
XP Tablet PC Edition and who have not already applied this
update, Microsoft recommends applying the update immediately.
Customers who have already applied the update do not need to
take any action.
- Originally posted: March 8, 2011
- Updated: March 16, 2011
- Bulletin Severity Rating: Critical
- Version: 1.2

A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.13 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.

We are in the process of finalizing a fix for the issue and expect to make available an update for Flash Player 10.x and earlier versions for Windows, Macintosh, Linux, Solaris and Android, and an update for Adobe Acrobat X (10.0.1) and earlier 10.x and 9.x versions for Windows and Macintosh, Adobe Reader X (10.0.1) for Macintosh, and Adobe Reader 9.4.2 and earlier 9.x versions during the week of March 21, 2011. Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, we are currently planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011.

http://www.adobe.com/support/security/advisories/apsa11-01.html

Issued: March 11, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2501696)
- Title: Vulnerability in MHTML Could Allow
Information Disclosure
- http://www.microsoft.com/technet/security/advisory/2501696.mspx
- Revision Note: V1.1 (March 11, 2011): Revised Executive
Summary to reflect investigation of limited, targeted attacks.

Issued: March 9, 2011

Summary


The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-017 - Important
* MS11-015 - Critical

Bulletin Information:


* MS11-017 - Important

- http://www.microsoft.com/technet/security/bulletin/ms11-017.mspx
- Reason for Revision: V1.2 (March 9, 2011): Corrected the
Non-Affected Software component entries for the service pack
1 versions of Windows 7 and Windows Server 2008 R2 from
Remote Desktop Connection 7.0 Client to Remote Desktop
Connection 7.1 Client. These are informational changes only.
There were no changes to the security update files or
detection logic.
- Originally posted: March 8, 2011
- Updated: March 9, 2011
- Bulletin Severity Rating: Important
- Version: 1.2

* MS11-015 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms11-015.mspx
- Reason for Revision: V1.1 (March 9, 2011): Corrected the Systems
Management Server table entries for SMS 2.0 and SMS 2003 with
SUIT for Windows XP Service Pack 3. These are informational
changes only. There were no changes to the security update
files or detection logic.
- Originally posted: March 8, 2011
- Updated: March 9, 2011
- Bulletin Severity Rating: Critical
- Version: 1.1

Language(s): English.
Product(s): Other.
Audience(s): IT Decision Maker, IT Generalist.

Event Overview
Join us for a brief overview of the technical details of the March security bulletins. We intend to address your concerns in this webcast; therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Dustin Childs, Sr. Security Program Manager, MSRC, Microsoft Corporation

Register Online

Posted Tue, Mar 8 2011 13:15 by Don

Note: There may be latency issues due to replication; if the page does not display, keep refreshing.

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

www.microsoft.com/technet/securi···mar.mspx

Critical (1)

Microsoft Security Bulletin MS11-015
Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030)
www.microsoft.com/technet/securi···015.mspx

Important (2)

Microsoft Security Bulletin MS11-017
Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062)
www.microsoft.com/technet/securi···017.mspx

Microsoft Security Bulletin MS11-016
Vulnerability in Microsoft Groove Could Allow Remote Code Execution (2494047)
www.microsoft.com/technet/securi···016.mspx

Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

As always, download the updates only from the vendor's website: visit the Windows Update, Office Update or Microsoft Update websites. You may also get the updates through the Automatic Updates functionality in Windows.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

What’s New in Firefox 3.6.15

Firefox 3.6.15 fixes the following issues found in previous versions of Firefox 3.6:

  • Fixed an issue where some Java applets would fail to load in Firefox 3.6.14

You may also be interested in the Firefox 3.6.14 release notes for a list of changes in the previous version.

http://www.mozilla.com/en-US/firefox/3.6.15/releasenotes/

Posted Sat, Mar 5 2011 11:57 by Don

Google has released Chrome 9.0.597.107 for all platforms to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html

Posted Fri, Mar 4 2011 5:56 by Don

Microsoft Security Bulletin Advance Notification issued: March 3, 2011
Microsoft Security Bulletins to be issued: March 8, 2011

This is an advance notification of security bulletins that Microsoft is intending to release on March 8, 2011.

1 rated Critical and 2 rated Important

http://www.microsoft.com/technet/security/bulletin/ms11-mar.mspx

v.3.6.14, released March 1st, 2011

What's new:

MFSA 2011-10 CSRF risk with plugins and 307 redirects
MFSA 2011-09 Crash caused by corrupted JPEG image
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
MFSA 2011-07 Memory corruption during text run construction (Windows)
MFSA 2011-06 Use-after-free error using Web Workers
MFSA 2011-05 Buffer overflow in JavaScript atom map
MFSA 2011-04 Buffer overflow in JavaScript upvarMap
MFSA 2011-03 Use-after-free error in JSON.stringify
MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)

http://www.mozilla.com/en-US/firefox/3.6.14/releasenotes/

Posted Wed, Mar 2 2011 5:18 by Don