Microsoft Security Bulletin Summary for July 12 2011

Discussion in 'other security issues & news' started by NICK ADSL UK, Jul 12, 2011.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Summary for July 12 2011

    Microsoft Security Bulletin Summary for July 12 2011
    Published: July 12 2011


    Note: There may be latency issues due to replication, if the page does not display keep refreshing


    Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the Microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


    Today Microsoft released the following Security Bulletin(s).

    Bulletin Summary:

    http://www.microsoft.com/technet/security/bulletin/ms11-jul.mspx

    Critical (1)
    Microsoft Security Bulletin MS11-053 - Critical
    Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)
    Published: July 12, 2011
    http://www.microsoft.com/technet/security/Bulletin/MS11-053.mspx

    Important (3)

    Microsoft Security Bulletin MS11-054 - Important
    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917)
    Published: July 12, 2011
    http://www.microsoft.com/technet/security/bulletin/ms11-054.mspx

    Microsoft Security Bulletin MS11-056 - Important
    Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (250793:cool:
    Published: July 12, 2011
    http://www.microsoft.com/technet/security/bulletin/ms11-056.mspx

    Microsoft Security Bulletin MS11-055 - Important
    Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847)
    Published: July 12, 2011
    http://www.microsoft.com/technet/security/Bulletin/MS11-055.mspx


    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    TechNet Webcast: Information about Microsoft Security Bulletins for July (Level 200)
    Event ID: 1032487855

    Language(s): English.
    Product(s): computer security and information security.
    Audience(s): IT Decision Maker and IT Generalist.

    Join us for a brief overview of the technical details of the Microsoft security bulletins for July. We intend to address your concerns in this webcast; therefore, most of the webcast is devoted to attendees asking questions and getting answers from Microsoft security experts.


    Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Dustin Childs, Senior Security Program Manager, Microsoft Security Response Center, Microsoft Corporation


    Register now for the july security bulletin webcast.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    please take note


    2532531

    http://support.microsoft.com/kb/2532531/MS11-053:
    Description of the update for Bluetooth Stack for Windows 7 and Windows Vista Service Pack 2: July 12, 2011 Known issues in security update 2532531:

    * If you are running Windows 7, we recommend that you install update
    2552343 before you install this security update. Your system is
    automatically offered update 2552343 when you use Microsoft Update.
    * After you install this security update, you may be prompted to
    install this security update again when you scan the system by
    using Windows Update, Microsoft Update, Microsoft Windows Server
    Update Services (WSUS) server or Microsoft Baseline Security
    Analyzer (MBSA). This issue may occur if you installed this
    security update, but you have not installed update 2552343. To
    resolve this issue, approve the installation of update 2552343 in
    WSUS or install update 2552343

    http://support.microsoft.com/kb/2552343
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Title: Microsoft Security Bulletin Re-Releases
    Issued: July 12, 2011


    Microsoft Security Bulletin MS08-069 – Critical
    Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (95521:cool:
    Published: November 11, 2008 | Updated: July 12, 2011

    Revisions
    • V1.0 (November 11, 200:cool:: Bulletin published.

    • V1.1 (December 10, 200:cool:: Removed the kill bit workaround from Workarounds for MSXML DTD Cross-Domain Scripting Vulnerability - CVE-2008-4029. Also added a note to the Supported Security Update Installation Switches tables clarifying that the /overwriteoem installation switch is not applicable for Microsoft XML Core Services 4.0 or Microsoft XML Core Services 6.0 when installed on Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows XP Professional x64 Edition, Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003 Service Pack 1, or Windows Server 2003 Service Pack 2.

    • V1.2 (December 17, 200:cool:: Added log file entries in the Security Update Deployment section Reference table for Microsoft XML Core Services 6.0 when installed on Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Server 2003 x64 Edition, and Windows Server 2003 x64 Edition Service Pack 2.

    • V2.0 (April 29, 2009): Added Microsoft XML Core Services 4.0 (KB954430) on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit, x64-based, and Itanium-based editions of Windows Server 2008 Service Pack 2 as affected software. Also added as non-affected software: Microsoft XML Core Services 3.0 and Microsoft XML Core Services 6.0 on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit, x64-based, and Itanium-based editions of Windows Server 2008 Service Pack 2. This is a detection change only; there were no changes to the binaries. Customers who have already successfully installed KB954430 do not need to reinstall.

    • V3.0 (October 13, 2009): Added Microsoft XML Core Services 4.0 (KB954430) when installed on 32-bit and x64-based editions of Windows 7 and on x64-based and Itanium-based editions of Windows Server 2008 R2 as affected software. This is a detection change only; there were no changes to the binaries. Customers who have already successfully installed KB954430 do not need to reinstall.

    • V4.0 (July 12, 2011): Added Microsoft XML Core Services 4.0 (KB954430) when installed on 32-bit and x64-based editions of Windows 7 Service Pack 1 and on x64-based and Itanium-based editions of Windows Server 2008 R2 Service Pack 1 as affected software. This is a detection change only; there were no changes to the binaries. The latest MBSA and SMS support this rerelease. Customers who have already successfully installed KB954430 do not need to reinstall.

    http://www.microsoft.com/technet/security/bulletin/ms08-069.mspx
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions - July 27, 2011
    Summary
    =======
    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.

    * MS11-027 - Critical
    * MS09-035 - Moderate

    Bulletin Information:
    =====================

    * MS11-027 - Critical


    http://www.microsoft.com/technet/security/bulletin/ms11-027.mspx

    - Reason for Revision: V1.1 (July 27, 2011): Added class
    identifiers for the Microsoft WMITools ActiveX Control
    described in this bulletin's vulnerability section for
    CVE-2010-3973. This is an informational change only.
    Customers who have already applied the "Prevent COM objects
    from running in Internet Explorer" workaround for this
    vulnerability should reapply this workaround with the
    additional class identifiers.
    - Originally posted: April 12, 2011
    - Updated: July 27, 2011
    - Bulletin Severity Rating: Critical
    - Version: 1.1

    * MS09-035 - Moderate

    http://www.microsoft.com/technet/security/bulletin/ms09-035.mspx

    - Reason for Revision: V3.1 (July 27, 2011): Corrected the update
    verification information for Microsoft Visual C++ 2005
    Service Pack 1 Redistributable Package, Microsoft Visual C++
    2008 Redistributable Package, and Microsoft Visual C++ 2008
    Service Pack 1 Redistributable Package. Removed the registry
    key information in favor of product codes. This is an
    informational change only.
    - Originally posted: July 28, 2009
    - Updated: July 27, 2011
    - Bulletin Severity Rating: Moderate
    - Version: 3.1
     
Loading...
Thread Status:
Not open for further replies.