Microsoft Security Bulletin Advance Notification for July 2011

Discussion in 'other security issues & news' started by ronjor, Jul 7, 2011.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    64,329
    Location:
    Texas
    https://www.microsoft.com/technet/security/bulletin/ms11-jul.mspx

    Note: See Executive Summaries within the bulletin for information.
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    64,329
    Location:
    Texas
    https://www.microsoft.com/technet/security/bulletin/ms11-jul.mspx
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    64,329
    Location:
    Texas
    http://blogs.technet.com/b/msrc/
     
  4. MessageBoxA

    MessageBoxA Registered Member

    Joined:
    Jun 20, 2011
    Posts:
    62
    Wow,

    Look at that... 14 Win32k.sys vunerabilities discovered by Tarjei. It is amazing that a multi-billion dollar company like Microsoft cannot scan ther own binaries for Null Pointer de-references and use-after-free pointers/handles.

    I love how they add: "An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users."

    That statement is somewhat misleading.

    I don't really understand why researchers like ~Link removed~ about a vunerability the same day the patch is released. He gives enough details in his blog to build a working exploit. He should wait a while longer before going public with details.
     
    Last edited by a moderator: Jul 12, 2011
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.