DP's Security Bits

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»technet.microsoft.com/en-us/secu···ms11-dec

Critical (1)

Microsoft Security Bulletin MS11-100
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)
»technet.microsoft.com/en-us/secu···ms11-100

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

.

This is an advance notification for one out-of-band security bulletin that Microsoft is intending to release on December 29, 2011, at 10:00 AM Pacific Time (US & Canada). The bulletin addresses security vulnerabilities in all supported releases of Microsoft Windows.

http://technet.microsoft.com/en-us/security/bulletin/ms11-dec

Issued: December 28, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2659883)
- Title: Vulnerability in ASP.NET Could Allow Denial of Service
- http://technet.microsoft.com/security/advisory/2659883
- Revision Note: V1.0 (December 28, 2011): Advisory published.

2011-12-28
Adware
++ JackpotRewards.DealRunner ++ JackpotRewards.ShopToWin ++ PlayPickle
PUPS
++ PCPerformer
Trojans
++ Bancos.Bradesco ++ Win32.Agent.vp2 ++ Win32.Banker.urg ++ Win32.Bedobot + Win32.Brontok ++ Win32.GEMA + Win32.OnLineGames.down + Win32.OnLineGames.gen + Win32.Sirefef
Total: 2494556 fingerprints in 781315 rules for 6441 products
http://www.safer-networking.org/en/index.html

0 New Internet Explorer
56 New Restricted Sites
0 New Firefox

14884 items in database

Issued: December 21, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-094 - Important
* MS11-096 - Important

Bulletin Information:

* MS11-094 - Important

- http://technet.microsoft.com/security/bulletin/MS11-094
- Reason for Revision: V1.1 (December 21, 2011): Added an entry to
the Update FAQ to explain why this update is offered to customers
running PowerPoint 2010 Service Pack 1.
- Originally posted: December 13, 2011
- Updated: December 21, 2011
- Bulletin Severity Rating: Important
- Version: 1.1

* MS11-096 - Important

- http://technet.microsoft.com/security/bulletin/MS11-096
- Reason for Revision: V1.1 (December 21, 2011): Added
Microsoft Office Compatibility Pack Service Pack 3 to the
Non-Affected Software table. This is an informational change only.
There were no changes to the detection logic or the update files.
- Originally posted: December 13, 2011
- Updated: December 21, 2011
- Bulletin Severity Rating: Important
- Version: 1.1

2011-12-21
Malware
++ Joke.Ejectcd + Win32.Backup + Win32.FraudLoad.edt + Win32.Renos
Trojans
+ Win32.Allaple.ab ++ Win32.BackDoor.ao + Win32.Bancos + Win32.Banker + Win32.ClickPotatoLite + Win32.OnLineGames.down
Total: 2493180 fingerprints in 780913 rules for 6433 products.
http://www.safer-networking.org/en/index.html

Issued: December 16, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-089 - Important

Bulletin Information:

* MS11-089 - Important

- http://technet.microsoft.com/security/bulletin/MS11-089
- Reason for Revision: V1.1 (December 16, 2011): Expanded the
list of non-affected software and revised the Update FAQ to
help clarify that this update may be offered to non-affected
software when the vulnerable shared component of
Microsoft Office is present.
- Originally posted: December 13, 2011
- Updated: December 16, 2011
- Bulletin Severity Rating: Important
- Version: 1.1

2011-12-14
Adware
++ IWinGames
Malware
+ Fraud.XPAntivirus + Win32.FraudLoad.edt + Win32.Renos + Win32.Shutdowner.bqq
Security
+ Microsoft.Windows.RedirectedHosts
Trojans
+ Bancos.Santander + Banload + Win32.Agent.adb + Win32.Banker ++ Win32.Banker.wnx ++ Win32.BHO.gcp + Win32.Muollo + Win32.OnLineGames.down + Win32.OnLineGames.gen ++ Win32.Ructo.ik ++ Win32.SecurityDefender + Win32.Sirefef ++ Win32.TTC.d + Win32.ZBot
Total: 2486200 fingerprints in 779742 rules for 6432 products.

http://www.safer-networking.org/en/index.html

Issued: December 14, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-088 - Important

Bulletin Information:

* MS11-088 - Important

- http://technet.microsoft.com/security/bulletin/MS11-088
- Reason for Revision: V1.1 (December 14, 2011): Added a link to
Microsoft Knowledge Base Article 2652016 under Known Issues in
the Executive Summary.
- Originally posted: December 13, 2011
- Updated: December 14, 2011
- Bulletin Severity Rating: Important
- Version: 1.1

Issued: December 13, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-090 - Critical
* MS11-099 - Important
* MS11-DEC


Bulletin Information:

* MS11-090 - Critical

- http://technet.microsoft.com/security/bulletin/MS11-090
- Reason for Revision: V1.1 (December 13, 2011): Corrected the
kill bit information for the HP Photo Creative ActiveX control
in the section, Third-Party Kill Bits. This is an informational
change only. There were no changes to the security update files
or detection logic.
- Originally posted: December 13, 2011
- Updated: December 13, 2011
- Bulletin Severity Rating: Critical
- Version: 1.1


* MS11-099 - Important

- http://technet.microsoft.com/security/bulletin/MS11-099
- Reason for Revision: V1.1 (December 13, 2011): Corrected
mitigating factors for CVE-2011-1992. Corrected severity ratings
for CVE-2011-3404. These are informational changes only.
There were no changes to the security update files
or detection logic.
- Originally posted: December 13, 2011
- Updated: December 13, 2011
- Bulletin Severity Rating: Important
- Version: 1.1

* MS11-DEC

- http://technet.microsoft.com/security/bulletin/MS11-DEC
- Reason for Revision: V1.1 (December 13, 2011): For MS11-099,
corrected the severity ratings in the Affected Software table.
For MS11-088, corrected the Key Note in the Exploitability Index.
These are informational changes only. There were no changes to
the security update files or detection logic.
- Originally posted: December 13, 2011
- Updated: December 13, 2011
- Version: 1.1

Issued: December 13, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2269637)
- Title: Insecure Library Loading Could Allow Remote Code
Execution
- http://technet.microsoft.com/security/advisory/2269637
- Revision Note: V13.0 (December 13, 2011): Added the following
Microsoft Security Bulletins to the Updates relating to
Insecure Library Loading section: MS11-099, "Cumulative Security
Update for Internet Explorer;" and MS11-094, "Vulnerabilities in
Microsoft PowerPoint Could Allow Remote Code Execution."

* Microsoft Security Advisory (2639658)
- Title: Vulnerability in TrueType Font Parsing Could Allow
Elevation of Privilege
- http://technet.microsoft.com/security/advisory/2639658
- Revision Note: V2.0 (December 13, 2011): Advisory updated to
reflect publication of security bulletin.

Event ID: 1032487961

Language(s): English.

Product(s): computer security and information security.

Audience(s): IT Decision Maker and IT Generalist.

Join us for a brief overview of the technical details of the Microsoft security bulletins for December. We intend to address your concerns in this webcast; therefore, most of the webcast is devoted to attendees asking questions and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Jonathan Ness, Principal Security Development Lead, Microsoft Security Response Center, Microsoft Corporation

Register Online

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»technet.microsoft.com/en-us/secu···ms11-dec

Critical (3)

Microsoft Security Bulletin MS11-087
Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
»technet.microsoft.com/en-us/secu···ms11-087

Microsoft Security Bulletin MS11-090
Cumulative Security Update of ActiveX Kill Bits (2618451)
»technet.microsoft.com/en-us/secu···ms11-090

Microsoft Security Bulletin MS11-092
Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)
»technet.microsoft.com/en-us/secu···ms11-092

Important (10)

Microsoft Security Bulletin MS11-088
Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016)
»technet.microsoft.com/en-us/secu···088.mspx

Microsoft Security Bulletin MS11-089
Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)
»technet.microsoft.com/en-us/secu···089.mspx

Microsoft Security Bulletin MS11-091
Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)
»technet.microsoft.com/en-us/secu···091.mspx

Microsoft Security Bulletin MS11-093
Vulnerability in OLE Could Allow Remote Code Execution (2624667)
»technet.microsoft.com/en-us/secu···093.mspx

Microsoft Security Bulletin MS11-094
Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)
»technet.microsoft.com/en-us/secu···094.mspx

Microsoft Security Bulletin MS11-095
Vulnerability in Active Directory Could Allow Remote Code Execution (2640045)
»technet.microsoft.com/en-us/secu···095.mspx

Microsoft Security Bulletin MS11-096
Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)
»technet.microsoft.com/en-us/secu···096.mspx

Microsoft Security Bulletin MS11-097
Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)
»technet.microsoft.com/en-us/secu···097.mspx

Microsoft Security Bulletin MS11-098
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)
»technet.microsoft.com/en-us/secu···098.mspx

Microsoft Security Bulletin MS11-099
Cumulative Security Update for Internet Explorer (2618444)
»technet.microsoft.com/en-us/secu···099.mspx

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

.

This is an advance notification of 14 security bulletins that Microsoft is intending to release on December 13, 2011.

3 rated as Critical and 11 with a rating of Important

http://technet.microsoft.com/en-us/security/bulletin/ms11-dec

57 new items:

6 Internet Explorer

51 Restricted Sites

0 Mozilla Firefox

14828 items in database

2011-12-07
Malware
+ Win32.Renos
Trojans
+ Bancos.Santander + Banload.byct + Win32.Bancos + Win32.Banker ++ Win32.Eyeon.ie + Win32.Muollo + Win32.OnLineGames.down + Win32.OnLineGames.gen + Win32.Ruskill.em ++ Win32.VB.aoff ++ Win32.Whistler.mbr ++ Win32.Yakes.ksp + Win32.ZBot
Total: 2483507 fingerprints in 779195 rules for 6419 products.
http://www.safer-networking.org/en/index.html

Issued: November 30, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-028 - Critical

Bulletin Information:

* MS11-028 - Critical

- http://technet.microsoft.com/security/bulletin/MS11-028
- Reason for Revision: V2.4 (November 30, 2011): Corrected the
bulletin replacement information for .NET Framework 4 on
Windows 7 for x64-based Systems Service Pack 1,
Windows Server 2008 R2 for x64-based Systems Service Pack 1, and
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1.
This is a bulletin change only. There were no changes to the
detection or security update files.
- Originally posted: April 12, 2011
- Updated: November 30, 2011
- Bulletin Severity Rating: Critical
- Version: 2.4