Get this blog as an RSS Feed

Microsoft Patch Tuesday Roundup - November

15:45 CET, 9th November 2011 By Secunia.

This month Microsoft released four bulletins (MS11-083 – MS11-086). Secunia has rated two of them as “Highly Critical”, one as “Moderately Critical”, and one as “Less Critical” while Microsoft has rated one as “Critical”, two as “Important”, and one as “Moderate”. Each of the bulletins covers one vulnerability and of the four bulletins, two have received a rating of “1” in the Microsoft Exploitability Index. Microsoft describes a “1” as “Consistent exploit code likely”.

In the table below you will find an overview of the Microsoft Bulletins and the corresponding Secunia Advisories, as well as the ratings from both Microsoft and Secunia.

Microsoft Bulletin Secunia
Advisory ID
MS KB CVE(s) Secunia Rating MS Rating Microsoft
MS11-083 SA46731 KB2588516 CVE-2011-2013 High Critical 2,2 Remote
MS11-084 SA46751 KB2617657 CVE-2011-2004 Moderate Moderate N/A Remote
MS11-085 SA46752 KB2620704 CVE-2011-2016 High Important 1,1
MS11-086 SA46755 KB2630837 CVE-2011-2014 Less Important 1,1 Local Network

Note: The first digit in the “Microsoft Exploitability Index” refers to the latest version of the affected product. The second digit refers to older versions. See “Microsoft Security Bulletin Summary for November” for more details. N/A implies that either older or newer products are not affected or covered by the index.


SA46731 (MS11-083) should receive immediate attention as it may allow execution of arbitrary code by sending a continuous flow of UDP packets to a closed port. It does not have an “Exploitability Index” rating of “1”. However, due to the nature of the vulnerability Secunia emphasizes on the prioritization of this update.

SA46752 (MS11-085) addresses an arbitrary code execution vulnerability due to insecure library loading in Windows Mail and Windows Meeting Space and has an “Exploitability Index” rating of “1”. Note that this should be considered as a “defense in depth” update for Windows 7 and Windows Server 2008 R2 as currently there are no known attack vectors to exploit this vulnerability.

SA46751 (MS11-084) and SA46755 (MS11-086) address a Denial of Service and a Security Bypass vulnerability, respectively. SA46751 resolves a vulnerability in TrueType font parsing, which can be exploited to crash a system if e.g. a user visits a malicious network share. SA46755 can be exploited to gain unintended access to an Active Directory server. However, it only affects a configuration where Active Directory is configured to use LDAP over SSL, which is not a default setting. It also requires an attacker to have access to a revoked certificate and therefore it is unlikely that this vulnerability would be exploited on a large scale. Both vulnerabilities (SA46751 and SA46755) do not allow code execution.

Stay Secure,


Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.

Subject: Microsoft Patch Tuesday Roundup - November

No posts yet
You must be logged in to post a comment.