Microsoft Security Bulletin Summary for June 14 2011

TechNet Webcast: Information About Microsoft June Security Bulletins (Level 200)
Event ID: 1032455073



Language(s): English.
Product(s): Other.
Audience(s): IT Decision Maker, IT Generalist.




Join us for a brief overview of the technical details of the June security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Jonathan Ness, Security Development Manager, MSRC, Microsoft Corporation



Register now for the june security bulletin webcast.

 

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

windows-kb890830-v3.20.exe12.9MB

--------------------------------------------------------------------------------

Version:3.20Date Published:6/14/2011

http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

 

Microsoft Security Bulletin Summary for June 14 2011

Microsoft Security Bulletin Summary for June 14 2011
Published: June 14 2011

Note: There may be latency issues due to replication, if the page does not display keep refreshing


Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the Microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:
http://www.microsoft.com/technet/security/bulletin/ms11-jun.mspx

Critical (9)

Microsoft Security Bulletin MS11-038 - Critical
Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)
http://www.microsoft.com/technet/security/Bulletin/MS11-038.mspx

Microsoft Security Bulletin MS11-039 - Critical
Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)
http://www.microsoft.com/technet/security/Bulletin/MS11-039.mspx

Microsoft Security Bulletin MS11-040 - Critical
Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426)
http://www.microsoft.com/technet/security/bulletin/MS11-040.mspx

Microsoft Security Bulletin MS11-041 - Critical
Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694)
http://www.microsoft.com/technet/security/bulletin/MS11-041.mspx

Microsoft Security Bulletin MS11-042 - Critical
Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)
http://www.microsoft.com/technet/security/Bulletin/MS11-042.mspx

Microsoft Security Bulletin MS11-043
Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)
http://www.microsoft.com/technet/security/bulletin/ms11-043.mspx

Microsoft Security Bulletin MS11-044
Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)
http://www.microsoft.com/technet/security/bulletin/ms11-044.mspx

Microsoft Security Bulletin MS11-050
Cumulative Security Update for Internet Explorer (253054
http://www.microsoft.com/technet/security/bulletin/ms11-050.mspx

Microsoft Security Bulletin MS11-052
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)
http://www.microsoft.com/technet/security/bulletin/ms11-052.mspx



Important (7)

Microsoft Security Bulletin MS11-037
Vulnerability in MHTML Could Allow Information Disclosure (2544893)
http://www.microsoft.com/technet/security/bulletin/ms11-037.mspx

Microsoft Security Bulletin MS11-045
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146)
http://www.microsoft.com/technet/security/bulletin/ms11-045.mspx

Microsoft Security Bulletin MS11-046
Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665)
http://www.microsoft.com/technet/security/bulletin/ms11-046.mspx

Microsoft Security Bulletin MS11-047
Vulnerability in Hyper-V Could Allow Denial of Service (2525835)
http://www.microsoft.com/technet/security/bulletin/ms11-047.mspx

Microsoft Security Bulletin MS11-048
Vulnerability in SMB Server Could Allow Denial of Service (2536275)
http://www.microsoft.com/technet/security/bulletin/ms11-048.mspx

Microsoft Security Bulletin MS11-049
Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)
http://www.microsoft.com/technet/security/bulletin/ms11-049.mspx

Microsoft Security Bulletin MS11-051
Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)
http://www.microsoft.com/technet/security/bulletin/ms11-051.mspx



Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

Microsoft Security Bulletin Minor Revisions - June 14, 2011
Issued: June 14, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-049 - Important
* MS11-042 - Critical

Bulletin Information:

* MS11-049 - Important
http://www.microsoft.com/technet/security/bulletin/ms11-049.mspx

- Reason for Revision: V1.1 (June 14, 2011): V1.1 (June 14, 2011):
Removed erroneous entries from Non-Affected Software table.
- Originally posted: June 14, 2011
- Updated: June 14, 2011
- Bulletin Severity Rating: Important
- Version: 1.1

* MS11-042 - Critical
http://www.microsoft.com/technet/security/bulletin/ms11-042.mspx

- Reason for Revision: V1.1 (June 14, 2011): Moved Windows 7 for
32-bit Systems Service Pack 1, Windows 7 for x64-based
Systems Service Pack 1, Windows Server 2008 R2 for x64-based
Systems Service Pack 1, and Windows Server 2008 R2 for
Itanium-based Systems Service Pack 1 from the affected
software table to the non-affected software table. This is an
informational change only. There were no changes to the
security update files or detection logic.
- Originally posted: June 14, 2011
- Updated: June 14, 2011
- Bulletin Severity Rating: Critical
- Version: 1.1



Title: Microsoft Security Bulletin Re-Releases
Issued: June 14, 2011
********************************************************************

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS11-025 - Important

Bulletin Information:
=====================

* MS11-025 - Important

- Reason for Revision: V3.0 (June 14, 2011): Reoffered the update
for Microsoft Visual Studio 2005 Service Pack 1, Microsoft
Visual Studio 2008 Service Pack 1, Microsoft Visual Studio
2010, Microsoft Visual C++ 2005 Service Pack 1
Redistributable Package, and Microsoft Visual C++ 2008
Service Pack 1 Redistributable Package. Customers who have
previously installed this update should install the new
packages on the affected systems.
- Originally posted: April 12, 2011
- Updated: June 14, 2011
- Bulletin Severity Rating: Important
- Version: 3.0

http://www.microsoft.com/technet/security/bulletin/ms11-025.mspx

 

Microsoft Security Bulletin MS11-051 - Important
Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)
Published: June 14, 2011 | Updated: June 15, 2011

Revisions
•

V1.0 (June 14, 2011): Bulletin published.
•

V1.1 (June 15, 2011): Clarified the XSS Filter mitigation.

http://www.microsoft.com/technet/security/bulletin/MS11-051.mspx?pubDate=2011-06-15


Microsoft Security Bulletin MS11-049 - Important
Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)
Published: June 14, 2011 | Updated: June 15, 2011

Revisions
•

V1.0 (June 14, 2011): Bulletin published.
•

V1.1 (June 14, 2011): Removed erroneous entries from Non-Affected Software table.
•

V1.2 (June 15, 2011): Removed erroneous entry from Non-Affected Software table.

http://www.microsoft.com/technet/security/bulletin/MS11-049.mspx?pubDate=2011-06-15

 

Microsoft Security Bulletin Minor Revisions - Jun 22. 2011
Issued: June 22, 2011

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-049 - Important
* MS11-043 - Critical
* MS11-028 - Critical

Bulletin Information:
=====================

* MS11-049 - Important
http://www.microsoft.com/technet/security/bulletin/ms11-049.mspx

- Reason for Revision: V1.3 (June 22, 2011): Corrected the bulletin
replacement information for Microsoft InfoPath 2007 and the
Systems Management Server detection information for SQL
Server. This is a bulletin change only. There were no changes
to the detection or security update files.
- Originally posted: June 14, 2011
- Updated: June 22, 2011
- Bulletin Severity Rating: Important
- Version: 1.3

* MS11-043 - Critical
http://www.microsoft.com/technet/security/bulletin/ms11-043.mspx
- Reason for Revision: V1.1 (June 22, 2011): Added a link to
Microsoft Knowledge Base Article 2536276 under Known Issues
in the Executive Summary.
- Originally posted: June 14, 2011
- Updated: June 22, 2011
- Bulletin Severity Rating: Critical
- Version: 1.1

* MS11-028 - Critical
http://www.microsoft.com/technet/security/bulletin/ms11-028.mspx
- Reason for Revision: V2.2 (June 22, 2011): Corrected the bulletin
replacement information. This is a bulletin change only.
There were no changes to the detection or security update files.
- Originally posted: April 12, 2011
- Updated: June 22, 2011
- Bulletin Severity Rating: Critical
- Version: 2.2

 

Microsoft Security Advisory (2524375)
Fraudulent Digital Certificates Could Allow Spoofing
Published: March 23, 2011 | Updated: July 06, 2011

Revisions
• V1.0 (March 23, 2011): Advisory published.

• V2.0 (April 19, 2011): Added Windows Mobile 6.x, Windows Phone 7, Microsoft Kin, and Zune devices to affected software and devices.

• V3.0 (May 3, 2011): Announced the release of an update for Windows Phone 7 devices. The update is not available to all customers at the time of release; see the advisory FAQ for more information.

• V4.0 (May 10, 2011): Announced the release of an update for Windows Mobile 6.x devices.

• V5.0 (July 6, 2011): Announced the release of an update for Zune HD devices and moved Zune devices to the Non-Affected Devices table.

http://www.microsoft.com/technet/security/advisory/2524375.mspx