April 2011 - Posts

Microsoft Security Bulletin Minor Revisions - April 12, 2011

Issued: April 12, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-025 - Important
* MS10-088 - Important
* MS10-087 - Critical

Bulletin Information:

* MS11-025 - Important

- http://www.microsoft.com/technet/security/bulletin/ms11-025.mspx
- Reason for Revision: V1.1 (April 12, 2011): Clarified the update
FAQ, "I am a third-party application developer and I use
Visual C++. How do I update my application?"
- Originally posted: April 12, 2011
- Updated: April 12, 2011
- Bulletin Severity Rating: Important
- Version: 1.1

* MS10-088 - Important

- http://www.microsoft.com/technet/security/bulletin/ms10-088.mspx
- Reason for Revision: V1.3 (April 12, 2011): Announced that the
security update for Microsoft Office 2004 for Mac (KB2505924)
offered in MS11-021, MS11-022, and MS11-023 also addresses
the vulnerabilities described in this security bulletin.
- Originally posted: November 9, 2010
- Updated: April 12, 2011
- Bulletin Severity Rating: Important
- Version: 1.3

* MS10-087 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms10-087.mspx
- Reason for Revision: V2.1 (April 12, 2011): Announced that the
security update for Microsoft Office 2004 for Mac (KB2505924)
offered in MS11-021, MS11-022, and MS11-023 also addresses
the vulnerabilities described in this security bulletin.
- Originally posted: November 9, 2010
- Updated: April 12, 2011
- Bulletin Severity Rating: Critical
- Version: 2.1

Posted Wed, Apr 13 2011 4:12 by Don
Filed under:

TechNet Webcast: Information About Microsoft April Security Bulletins (Level 200)

Event ID: 1032455069

Language(s): English.
Product(s): Other.
Audience(s): IT Decision Maker, IT Generalist.

Join us for a brief overview of the technical details of the April security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Jonathan Ness, Security Development Manager, MSRC, Microsoft Corporation

Register Online

Posted Tue, Apr 12 2011 15:11 by Don
Filed under:

Microsoft Security Bulletin(s) for April 12, 2011

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»www.microsoft.com/technet/securi···apr.mspx

Critical (9)

Microsoft Security Bulletin MS11-018
Cumulative Security Update for Internet Explorer (2497640)
»www.microsoft.com/technet/securi···018.mspx

Microsoft Security Bulletin MS11-019
Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)
»www.microsoft.com/technet/securi···019.mspx

Microsoft Security Bulletin MS11-020
Vulnerability in SMB Server Could Allow Remote Code Execution (2508429)
»www.microsoft.com/technet/securi···020.mspx

Microsoft Security Bulletin MS11-027
Cumulative Security Update of ActiveX Kill Bits (2508272)
»www.microsoft.com/technet/securi···027.mspx

Microsoft Security Bulletin MS11-028
Vulnerability in .NET Framework Could Allow Remote Code Execution (2484015)
»www.microsoft.com/technet/securi···028.mspx

Microsoft Security Bulletin MS11-029
Vulnerability in GDI+ Could Allow Remote Code Execution (2489979)
»www.microsoft.com/technet/securi···029.mspx

Microsoft Security Bulletin MS11-030
Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553)
»www.microsoft.com/technet/securi···030.mspx

Microsoft Security Bulletin MS11-031
Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666)
»www.microsoft.com/technet/securi···031.mspx

Microsoft Security Bulletin MS11-032
Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618) »www.microsoft.com/technet/securi···032.mspx

Important (8)

Microsoft Security Bulletin MS11-021
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279)
»www.microsoft.com/technet/securi···021.mspx

Microsoft Security Bulletin MS11-022
Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2489283)
»www.microsoft.com/technet/securi···022.mspx

Microsoft Security Bulletin MS11-023
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293)
»www.microsoft.com/technet/securi···023.mspx

Microsoft Security Bulletin MS11-024
Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308)
»www.microsoft.com/technet/securi···024.mspx

Microsoft Security Bulletin MS11-025
Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212)
»www.microsoft.com/technet/securi···025.mspx

Microsoft Security Bulletin MS11-026
Vulnerability in MHTML Could Allow Information Disclosure (2503658)
»www.microsoft.com/technet/securi···026.mspx

Microsoft Security Bulletin MS11-033
Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663)
»www.microsoft.com/technet/securi···033.mspx

Microsoft Security Bulletin MS11-034
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)
»www.microsoft.com/technet/securi···034.mspx

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

Posted Tue, Apr 12 2011 13:31 by Don
Filed under:

Microsoft Security Bulletin Advance Notification for April 2011

This is an advance notification of 17 security bulletins that Microsoft is intending to release on April 12, 2011.

9 rated as Critical and 8 rated as Important

http://www.microsoft.com/technet/security/bulletin/ms11-apr.mspx

Posted Thu, Apr 7 2011 15:42 by Don
Filed under: