October 2011- Microsoft Releases 8 Security Advisories

  Severity: HIGH
  Advisory Date: OCT 11, 2011

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its October batch of patches:

  • (MS11-075) Vulnerability in Microsoft Active Accessibility Could Allow Remote Code Execution (2623699)
    Risk Rating: Important

    This update resolves a privately reported vulnerability in the Microsoft Active Accessibility component. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (.DLL) file. Read more here.


  • (MS11-076) Vulnerability in Windows Media Center Could Allow Remote Code Execution (2604926)
    Risk Rating: Important

    This update resolves a publicly disclosed vulnerability in Windows Media Center. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (.DLL) file. Read more here.


  • (MS11-077) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053)
    Risk Rating: Important

    This update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted font file (such as a .fon file) in a network share, a UNC or WebDAV location, or an e-mail attachment. Read more here.


  • (MS11-078) Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2604930)
    Risk Rating: Critical

    This update resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Read more here.


  • (MS11-079) Vulnerabilities in Microsoft Forefront Unified Access Gateway Could Cause Remote Code Execution (2544641)
    Risk Rating: Important

    This update resolves five privately reported vulnerabilities in Microsoft Forefront Unified Access Gateway (UAG). The most severe of these vulnerabilities could allow remote code execution if a user visits an affected website using a specially crafted URL. Read more here.


  • (MS11-080) Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2592799)
    Risk Rating: Important

    This update resolves a privately reported vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. Read more here.


  • (MS11-081) Cumulative Security Update for Internet Explorer (2586448)
    Risk Rating: Critical

    This update resolves eight privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Read more here.


  • (MS11-082) Vulnerabilities in Host Integration Server Could Allow Denial of Service (2607670)
    Risk Rating: Important

    This security update resolves two publicly disclosed vulnerabilities in Host Integration Server. The vulnerabilities could allow denial of service if a remote attacker sends specially crafted network packets to a Host Integration Server listening on UDP port 1478 or TCP ports 1477 and 1478. Read more here.

  TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.

Microsoft Bulletin ID Vulnerability ID Rule Number & Title Deep Security Pattern Version Deep Security Pattern Release Date
MS11-075 CVE-2011-1247 1004821 - Active Accessibility Insecure Library Loading Vulnerability (CVE-2011-1247) 11-029 Dec 12, 2011
MS11-076 CVE-2011-2009 1004609 - Identified Suspicious Microsoft DLL File ,Over WebDav
MS11-079 CVE-2011-2012 1004822 Null Session Cookie Crash Vulnerability (CVE 2011-2012) 11-029 Dec 12, 2011
MS11-079 CVE-2011-1895 1000128 - HTTP Protocol Decoding
MS11-079 CVE-2011-1896 1000552 - Generic Cross Site Scripting(XSS) Prevention
MS11-079 CVE-2011-1897 1000552 - Generic Cross Site Scripting(XSS) Prevention
MS11-081 CVE-2011-1993 1004813 -Internet Explorer Scroll Event Remote Code Execution Vulnerability (CVE-2011-1993) 11-029 Dec 12, 2011
MS11-081 CVE-2011-1995 1004819 - OLEAuto32.dll Remote Code Execution Vulnerability (CVE 2011-1995) 11-029 Dec 12, 2011
MS11-081 CVE-2011-1996 1004814 - Option Element Remote Code Execution Vulnerability (CVE-2011-1996) 11-029 Dec 12, 2011
MS11-081 CVE-2011-1999 1004816 - Select Element Remote Code Execution Vulnerability (CVE-2011-1999) 11-029 Dec 12, 2011
MS11-081 CVE-2011-2001 1004815 - Internet Explorer Virtual Function Table Corruption Remote Code Execution Vulnerability (CVE-2011-2001) 11-029 Dec 12, 2011
MS11-082 CVE-2011-2007 1004820 - Endless Loop DoS In snabase.exe Vulnerability (CVE-2011-2007) 11-029 Dec 12, 2011
MS11-082 CVE-2011-2008 1004683 - Microsoft Host Integration Server snabase.exe Memory Access Error

  OTHER INFORMATION