March 2011 - Microsoft Releases 3 Advisories

  Severity: HIGH
  Advisory Date: MAR 08, 2011

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its March batch of patches:

  • (MS11-015) Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030)
    Risk Rating: Critical

    This security update addresses a vulnerability in DirectShow and a vulnerability in Windows Media Player and Windows Media Center. An attacker could execute arbitrary code if a user opens a specially crafted Microsoft Digital Video Recording (.DVR-MS) file. Read more here.

  • (MS11-016) Vulnerability in Microsoft Groove Could Allow Remote Code Execution (2494047)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Groove, which could allow remote attackers to execute code on the vulnerable system. The attack works if a user opens a legitimate Groove-related file that is located in the same network directory as a specially crafted library file. Read more here.

  • (MS11-017) Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062)
    Risk Rating: Important

    This security update addresses a vulnerability in Windows Remote Desktop Client, which could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.RDP) file. Read more here.

  TREND MICRO PROTECTION INFORMATION

Trend Micro clients using OfficeScan with Intrusion Defense Firewall (IDF) may refer to the table below for the pattern filter identifier(s):

Microsoft Bulletin ID Vulnerability ID Identifier & Title IDF First Pattern Version IDF First Pattern Release Version
MS11-015

CVE-2011-0032

1004373 - Identified Microsoft DLL File Over Network Share

10-028
August 25, 2010


1004566 - Identified Suspicious Microsoft DLL File Over Network Share 11-009 March 9, 2011
MS11-016

CVE-2010-3146

1004373 - Identified Microsoft DLL File Over Network Share 10-028 August 25, 2010


1004566 - Identified Suspicious Microsoft DLL File Over Network Share 11-009 March 9, 2011
MS11-017

CVE-2011-0029

1004373 - Identified Microsoft DLL File Over Network Share 10-028 August 25, 2010

  SOLUTION