Secunia CSI7
About us
Careers
Memberships
Newsroom
Contact us
Blog
News
Articles

Microsoft Patch Tuesday Roundup - November

Get this blog as an RSS Feed
15:45 CET on the 9th November 2011
Entry written by Secunia.

This month Microsoft released four bulletins (MS11-083 – MS11-086). Secunia has rated two of them as “Highly Critical”, one as “Moderately Critical”, and one as “Less Critical” while Microsoft has rated one as “Critical”, two as “Important”, and one as “Moderate”. Each of the bulletins covers one vulnerability and of the four bulletins, two have received a rating of “1” in the Microsoft Exploitability Index. Microsoft describes a “1” as “Consistent exploit code likely”.

In the table below you will find an overview of the Microsoft Bulletins and the corresponding Secunia Advisories, as well as the ratings from both Microsoft and Secunia.

Microsoft Bulletin Secunia
Advisory ID
(SAID)
MS KB CVE(s) Secunia Rating MS Rating Microsoft
Exploitability
Index
Vector
MS11-083 SA46731 KB2588516 CVE-2011-2013 High Critical 2,2 Remote
MS11-084 SA46751 KB2617657 CVE-2011-2004 Moderate Moderate N/A Remote
MS11-085 SA46752 KB2620704 CVE-2011-2016 High Important 1,1
Remote
MS11-086 SA46755 KB2630837 CVE-2011-2014 Less Important 1,1 Local Network


Note: The first digit in the “Microsoft Exploitability Index” refers to the latest version of the affected product. The second digit refers to older versions. See “Microsoft Security Bulletin Summary for November” for more details. N/A implies that either older or newer products are not affected or covered by the index.

Prioritisation

SA46731 (MS11-083) should receive immediate attention as it may allow execution of arbitrary code by sending a continuous flow of UDP packets to a closed port. It does not have an “Exploitability Index” rating of “1”. However, due to the nature of the vulnerability Secunia emphasizes on the prioritization of this update.

SA46752 (MS11-085) addresses an arbitrary code execution vulnerability due to insecure library loading in Windows Mail and Windows Meeting Space and has an “Exploitability Index” rating of “1”. Note that this should be considered as a “defense in depth” update for Windows 7 and Windows Server 2008 R2 as currently there are no known attack vectors to exploit this vulnerability.

SA46751 (MS11-084) and SA46755 (MS11-086) address a Denial of Service and a Security Bypass vulnerability, respectively. SA46751 resolves a vulnerability in TrueType font parsing, which can be exploited to crash a system if e.g. a user visits a malicious network share. SA46755 can be exploited to gain unintended access to an Active Directory server. However, it only affects a configuration where Active Directory is configured to use LDAP over SSL, which is not a default setting. It also requires an attacker to have access to a revoked certificate and therefore it is unlikely that this vulnerability would be exploited on a large scale. Both vulnerabilities (SA46751 and SA46755) do not allow code execution.

Stay Secure,

Secunia

Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.
Subject: Microsoft Patch Tuesday Roundup - November
 
No posts yet

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer