DP's Security Bits

Issued: May 17, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-036 - Important

Bulletin Information:

* MS11-036 - Important

- http://www.microsoft.com/technet/security/bulletin/ms11-036.mspx
- Reason for Revision: V1.1 (May 17, 2011): Removed an erroneous
note from the Affected Software table pertaining to security
updates KB2535818 and KB2540162 for Microsoft PowerPoint 2007
Service Pack 2.
- Originally posted: May 10, 2011
- Updated: May 17, 2011
- Bulletin Severity Rating: Important
- Version: 1.1

Issued: May 16, 2011

Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS11-018 - Critical

Bulletin Information:

* MS11-018 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms11-018.mspx
- Reason for Revision: V2.0 (May 16, 2011): Bulletin rereleased to
reoffer the update for Internet Explorer 7 on supported
editions of Windows XP and Windows Server 2003. This is a
detection change only. There were no changes to the binaries.
Only affected customers will be offered the update. Customers
who have installed the update manually and customers running
configurations not targeted by the change to detection logic
do not need to take any action.
- Originally posted: April 12, 2011
- Updated: May 16, 2011
- Bulletin Severity Rating: Critical
- Version: 2.0

Issued: May 10, 2011

Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS11-028 - Critical

Bulletin Information:

* MS11-028 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms11-028.mspx
- Reason for Revision: V2.0 (May 10, 2011): Bulletin rereleased to
reoffer updates KB2446709 and KB2449742. This addresses a
known issue with SQL and Exchange servers that have hotfix
KB979744 installed.
- Originally posted: April 12, 2011
- Updated: May 10, 2011
- Bulletin Severity Rating: Critical
- Version: 2.0

Issued: May 10, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2524375)
- Title: Fraudulent Digital Certificates Could Allow Spoofing
- »www.microsoft.com/technet/securi···375.mspx
- Revision Note: V4.0 (May 10, 2011): Announced the release
of an update for Windows Mobile 6.x devices.

Event ID: 1032455071
Language(s): English.
Product(s): Other.
Audience(s): IT Decision Maker, IT Generalist.

Join us for a brief overview of the technical details of the May security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Pete Voss, Senior Response Communications Manager, Microsoft Corporation and Dustin Childs, Sr. Security Program Manager, MSRC, Microsoft Corporation

Starts: Wednesday, May 11, 2011 11:00 AM
Time zone: (GMT-08:00) Pacific Time (US & Canada)
Duration:60 Minutes

Register Online

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»www.microsoft.com/technet/securi···may.mspx

Critical (1)

Microsoft Security Bulletin MS11-035
Vulnerability in WINS Could Allow Remote Code Execution (2524426)
»www.microsoft.com/technet/securi···035.mspx

Important (1)
Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814)
Microsoft Security Bulletin MS11-036

»www.microsoft.com/technet/securi···036.mspx

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

.

Microsoft Security Bulletin Advance Notification issued: May 5, 2011
Microsoft Security Bulletins to be issued: May 10, 2011

This is an advance notification of 2 security bulletins that Microsoft is intending to release on May 10, 2011, 1 rated as Critical for Windows and 1 rated Important for Office.

http://www.microsoft.com/technet/security/bulletin/ms11-may.mspx

Issued: May 4, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-017 - Important

Bulletin Information:

* MS11-017 - Important

- http://www.microsoft.com/technet/security/bulletin/ms11-017.mspx
- Reason for Revision: V1.5 (May 4, 2011): Corrected the bulletin
replacement information for Remote Desktop Connection 5.2
Client on supported editions of Windows XP Service Pack 3.
This is a bulletin change only. There were no changes to the
detection or security update files.
- Originally posted: March 8, 2011
- Updated: May 4, 2011
- Bulletin Severity Rating: Important
- Version: 1.5