Microsoft: 13 Bulletins to Fix 22 Vulnerabilities

Thursday, August 11, 2011 @ 01:08 PM gHale

Patch Tuesday, is just that, Patch Tuesday, but in the year of vulnerabilities, it is worth noting Microsoft released 13 security bulletins, two rated Critical, nine Important and two Moderate.

These bulletins address 22 unique vulnerabilities in Internet Explorer, Microsoft .NET Framework, Microsoft Developer Tools, Microsoft Office, Microsoft Windows.

Wireless Weakness Patched
Microsoft Security Center Site Breached
Microsoft Updates Rootkit Removal Plan
‘Indestructible’ Botnet Making Rounds

The two critical updates include:
MS11-057 (Internet Explorer). This security update resolves five privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. Microsoft is not aware of any attacks leveraging the vulnerabilities.

MS11-058 (DNS Server). This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a specially crafted Naming Authority Pointer (NAPTR) query to a DNS server. Servers that do not have the DNS role enabled are not at risk.

“Top priority should be given to a ‘critical’ bulletin that affects Internet Explorer 6 through 9 on Windows 7, XP, Vista, 2003 and 2008,” said Qualys Chief Technology Officer Wolfgang Kandek. “If left unpatched, attackers could use this vulnerability to remotely take control of victims’ systems.”

Leave a Reply

You must be logged in to post a comment.