Latest Security Advisories & Notable Vulnerabilities

February 2011 - Microsoft Releases 12 Advisories
 Advisory Date:  08 Feb 2011
Microsoft addresses the following vulnerabilities in its February batch of patches:

  • (MS11-003) Cumulative Security Update for Internet Explorer (2482017)
    Risk Rating: Critical

    This security update addresses vulnerabilities in Internet Explorer that could allow remote code execution. The exploit works when a user views a specially crafted Web page using Internet Explorer or opens a legitimate HTML file that loads a specially crafted library file. Read more here.

  • (MS11-004) Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
    Risk Rating: Important

    This security update addresses a vulnerability in Microsoft Internet Information Services (IIS) FTP Service, which could allow remote code execution if an FTP server receives a specially crafted FTP command. Read more here.

  • (MS11-005) Vulnerability in Active Directory Could Allow Denial of Service (2478953)
    Risk Rating: Important

    This security update addresses a vulnerability in Active Directory, which could allow denial of service if an attacker sent a specially crafted packet to an affected Active Directory server. Read more here.

  • (MS11-006) Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
    Risk Rating: Critical

    This security update addresses a vulnerability in the Windows Shell graphics processor, which could allow remote code execution if a user views a specially crafted thumbnail image. Read more here.

  • (MS11-007) Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
    Risk Rating: Critical

    This security update addresses a vulnerability in the Windows OpenType Compact Font Format (CFF) driver, which could allow remote code execution if a user views content rendered in a specially crafted CFF font. Read more here.

  • (MS11-008) Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)
    Risk Rating: Important

    This security update addresses two vulnerabilities in Microsoft Visio, could allow remote code execution if a user opens a specially crafted Visio file. Read more here.

  • (MS11-009) Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)
    Risk Rating: Important

    This security update addresses a vulnerability in the JScript and VBScript scripting engines, which could allow information disclosure if a user visited a specially crafted website. Read more here.

  • (MS11-010) Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
    Risk Rating: Important

    This security update addresses a vulnerability in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS), which could allow elevation of privilege. Read more here.

  • (MS11-011) Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
    Risk Rating: Important

    This security update addresses vulnerabilities in Microsoft Windows, which could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. Read more here.

  • (MS11-012) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
    Risk Rating: Important

    This security update addresses vulnerabilities in Microsoft Windows, which could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. Read more here.

  • (MS11-013) Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
    Risk Rating: Important

    This security update addresses vulnerabilities in Microsoft Windows with the more severe ones capable of allowing elevation of privilege if a local, authenticated attacker installs a malicious service on a domain-joined computer. Read more here.

  • (MS11-014) Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)
    Risk Rating: Important

    This security update addresses a vulnerability in the Local Security Authority Subsystem Service (LSASS), which could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. Read more here.
Vulnerability in MHTML Could Allow Information Disclosure
 Severity:    
 Advisory Date:  02 Feb 2011

This vulnerability is found in Microsoft Windows. When exploited, a remote attacker is able to execute malicious scripts on the infected system when the user visits websites, thus, disclosing any private information from these sites. The impact of exploiting this vulnerability is the same as that caused by server-side cross-site scripting (XSS) vulnerabilities.


Microsoft has noted that this vulnerability existed because of the way MHTML processes requests that are in MIME format. It is possible that a remote attacker can inject a client-side script code as a response to a Web request when users are browsing the Internet using Internet Explorer (IE). The script is capable of spoofing content, disclosing information, or taking any action on affected websites on behalf of the user.

Microsoft addresses the following vulnerabilities in its January batch of patches:

  • (MS11-001) Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935)
    Risk Rating: Important

    This security update resolves a vulnerability in Windows Backup Manager, which could allow remote code execution. Read more here.

  • (MS11-002) Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910)
    Risk Rating: Critical

    This security update resolves two vulnerabilities in Microsoft Data Access Components (MDAC), which could allow remote code execution. Read more here.

There is a vulnerability found in Windows Graphics Rendering Engine that may lead toexecution of arbitrary code once successfully exploited by a malicious remote user. It may also enable user toinstallation of programs, creation of malicious accounts, and changing, viewing or deleting data. User accounts with lesser user rights are less affected.

Vulnerability in Microsoft Internet Explorer 6, 7 and 8 that enables an attacker to gain the same user rights as the logged-on user after exploiting said vulnerability with a malicious website hosting specially-crafted content.If the user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft addresses the following vulnerabilities in its December batch of patches:

  • (MS10-090) Cumulative Security Update for Internet Explorer (2416400)
    Risk Rating: Critical

    This security update resolves a total of seven vulnerabilities in Internet Explorer (IE). Of these vulnerabilities, the most severe flaws could allow remote users to remotely execute malicious codes on the affected system if a user views a specially crafted Web page via IE. Read more here.

  • (MS10-091) Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution (2296199)
    Risk Rating: Critical

    This security update resolves several vulnerabilities in the Windows Open Type Font (OTF) driver, which could allow remote users to execute code remotely on the affected system. Read more here.

  • (MS10-092) Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420)
    Risk Rating: Important

    This security update resolves a vulnerability in Windows Task Scheduler, which could allow elevation of privilege if an attacker is logged on to an affected system and runs a specially crafted application. Read more here.

  • (MS10-093) Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (2424434)
    Risk Rating: Important

    This vulnerability resolves a vulnerability in Windows Movie Maker, which could allow remote users to execute code on the affected system. Read more here.

  • (MS10-094) Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961)
    Risk Rating: Important

    This update resolves a vulnerability in Windows Media Encoder, which could allow remote code execution if an attacker succeeds in convincing users to open a legitimate Windows Media Profile (.PRX) file that is located in the same network folder as a specially crafted library file. Read more here.

  • (MS10-095) Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2385678)
    Risk Rating: Important

    This update resolves a vulnerability in Microsoft Windows, which could allow remote code execution if users open certain files located in the same network folder as a specially crafted library file. Read more here.

  • (MS10-096) Vulnerability in Windows Address Book Could Allow Remote Code Execution (2423089)
    Risk Rating: Important

    This security update resolves a vulnerability in Windows Address Book, which could allow a remote user to execute code on the affected system. Read more here.

  • (MS10-097) Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)
    Risk Rating: Important

    This update resolves a vulnerability in the Internet Connection Signup Wizard of Microsoft Windows, which could allow remote code execution. This exploit works if a user opens an .INS or .ISP file located in the same network folder as a specially crafted library file. Read more here.

  • (MS10-098) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)
    Risk Rating: Important

    This update resolves vulnerabilities in Microsoft Windows, which could allow elevation of privilege. The exploit works if an attacker is logged on locally using valid logon credentials and runs a specially crafted application. Read more here.

  • (MS10-099) Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591)
    Risk Rating: Important

    This update resolves a vulnerability in the Routing and Remote Access NDProxy component of Microsoft Windows.This update resolves a vulnerability in the Routing and Remote Access NDProxy component of Microsoft Windows. Read more here.

  • (MS10-100) Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962)
    Risk Rating: Important

    This update resolves a vulnerability in the Consent User Interface (UI), which could allow elevation of privilege. Read more here.

  • (MS10-101) Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)
    Risk Rating: Important

    This update resolves a vulnerability in the Netlogon RPC Service on affected versions of Windows Server that are configured to serve as domain controllers. Read more here.

  • (MS10-102) Vulnerability in Hyper-V Could Allow Denial of Service (2345316)
    Risk Rating: Important

    This update resolves a vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. An attacker with valid logon credentials could exploit the vulnerability and allow denial of service. Read more here.

  • (MS10-103) Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292970)
    Risk Rating: Important

    This update resolves vulnerabilities in Microsoft Publisher that could allow remote code execution. An attacker can exploit the vulnerability by opening a specially crafted Publisher file. Read more here.

  • (MS10-104) Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005)
    Risk Rating: Important

    This update resolves a vulnerability in Microsoft SharePoint, which could allow remote code execution. The vulnerability is exploited if an attacker sends a specially crafted SOAP request to the Document Conversions Launcher Service in a SharePoint server environment that is using the Document Conversions Load Balancer Service. Read more here.

  • (MS10-105) Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)
    Risk Rating: Important

    This update resolves vulnerabilities in Microsoft Office, which could allow remote code execution. When users view a specially crafted image file using Microsoft Office, an attacker could gain the same user rights as the local user. Read more here.

  • (MS10-106) Vulnerability in Microsoft Exchange Server Could Allow Denial of Service (2407132)
    Risk Rating: Medium

    This update resolves a vulnerability in Microsoft Exchange Server, which could allow denial of service on the affected system. Read more here.

Microsoft addresses the following vulnerabilities in its November batch of patches:


  • (MS10-087) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930)
    Risk Rating: Critical

    This security update addresses vulnerabilities in Microsoft Office that could allow remote execution when an unsuspecting user opens a specially crafted .RTF email message. Read more here.

  • (MS10-088) Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386)
    Risk Rating: Important

    This update resolves two vulnerabilities in Microsoft Office that could allow a malicious user to execute code remotely when users open a specially crafted PowerPoint file. Read more here.

  • (MS10-089) Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074)
    Risk Rating: Important

    This security update resolves four vulnerabilities in Forefront Unified Access Gateway (UAG). Read more here.
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue, as exploited in the wild in November 2010.
October 2010 - Microsoft Releases 16 Advisories
 Advisory Date:  13 Oct 2010

Microsoft addresses the following vulnerabilities in its October batch of patches:

  • (MS10-071) Cumulative Security Update for Internet Explorer (2360131)
    Risk Rating: Critical

    This security update addresses vulnerabilities in Internet Explorer that could allow remote code execution once a user views a specially crafted Web page using Internet Explorer.

    User with administrative rights are more affected by this vulnerability than those with fewer rights on the system. Read more here.

  • (MS10-072) Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)
    Risk Rating: Important

    This security update addresses vulnerabilities in Microsoft SharePoint and Windows SharePoint Services. If successfully exploited via a specially crafted script to a target site using SafeHTML, it could lead to information disclosure. Read more here.

  • (MS10-073) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
    Risk Rating: Important

    This security update addresses vulnerabilities in Windows kernel-mode drivers that could increase in the privilege when an attacker is log on and is running a specially crafted application. To be able to exploit this vulnerability, the attacker must be log on locally as this could not be done remotely. Read more here.

  • (MS10-074) Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)
    Risk Rating: Critical

    This security update addresses a vulnerability in the Microsoft Foundation Class (MFC) Library that could allow remote code execution if a user is logged on with administrative user rights and opens an application built with the MFC Library. Read more here.

  • (MS10-075) Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)
    Risk Rating: Critical

    This security update addresses the vulnerability in the Microsoft Windows Media Player Network Sharing Service that could allow remote code execution once an attacker sends a specially crafted RTSP packet to an affected system. Read more here.

  • (MS10-076) Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)
    Risk Rating: Critical

    This security update addresses the vulnerability in the Embedded OpenType (EOT) Font Engine (a Microsoft Windows component) that could allow remote code execution. If successfully exploited, the attacker could remotely access the affected user system. Read more here.

  • (MS10-077) Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)
    Risk Rating: Critical

    This security update addresses a vulnerability in Microsoft .NET Framework. Once a user views a specially crafted Web page via a Web browser that can run XAML Browser Applications (XBAPs), this could allow remote code execution. Moreover, it could also allow remte code execution on a server system running IIS when an attacker uploads a specially crafted ASP.NET page to that server as well as allow the processing of ASP.NET pages. Read more here.

  • (MS10-078) Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)
    Risk Rating: Important

    This security update addresses vulnerabilities in the Windows OpenType Font (OTF) format driver that could allow elevation of privilege once a user views content rendered in a specially crafted OpenType font.

    This vulnerability could only be exploited when the attacker is log on locally and not remotely. Read more here.

  • (MS10-079) Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
    Risk Rating: Important

    This security update addresses 11 vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Word file.

    Once an attacker successfully exploited any of these vulnerabilities, he gains user rights to the system. Read more here.

  • (MS10-080) Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
    Risk Rating: Important

    This security update addresses thirteen vulnerabilities in Microsoft Office. More specifically, it resolves issues that could allow remote code execution if a user opens a specially crafted Excel file or a specially crafted Lotus 1-2-3 file. Read more here.

  • (MS10-081) Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)
    Risk Rating:Important

    This security update addresses a vulnerability in the Windows common control library that could allow remote code execution if a user visited a specially crafted Web page. Read more here.

  • (MS10-082) Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)
    Risk Rating:Important

    This security update addresses a vulnerability in Windows Media Player that could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site. Read more here.

  • (MS10-083) Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)
    Risk Rating:Important

    This security update addresses a vulnerability in Microsoft Windows that could allow remote code execution if a user opens a specially crafted file using WordPad or selects or opens a shortcut file that is on a network or WebDAV share. Read more here.

  • (MS10-084) Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)
    Risk Rating: Important

    This security update addresses a vulnerability in Microsoft Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs specially crafted code that sends an LPC message to the local LRPC Server. The message could then allow an authenticated user to access resources that are running in the context of the NetworkService account. Read more here.

  • (MS10-085) Vulnerability in SChannel Could Allow Denial of Service (2207566)
    Risk Rating:Important

    This security update addresses a vulnerability in the Secure Channel (SChannel) security package in Windows that could allow denial of service if an affected Internet Information Services (IIS) server hosting a Secure Sockets Layer (SSL)-enabled Web site received a specially crafted packet message. By default, IIS is not configured to host SSL Web sites. Read more here.

  • (MS10-086) Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)
    Risk Rating: Moderate

    This security update addresses a vulnerability in Windows Server 2008 R2 when used as a shared failover cluster. More specifically, this vulnerability could allow data tampering on the administrative shares of failover cluster disks. Read more here.

Vulnerability in ASP.NET Could Allow Information Disclosure (2416728)
 Severity:    
 Advisory Date:  21 Sep 2010

Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka "ASP.NET Padding Oracle Vulnerability."