December 2011- Microsoft Releases 13 Security Advisories
Severity: HIGH
Advisory Date: DEC 13, 2011
DESCRIPTION
Microsoft addresses the following vulnerabilities in its December batch of patches:
- (MS11-087) Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
Risk Rating: Critical
This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits a malicious Web page that embeds TrueType font files. Read more here. - (MS11-088) Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Microsoft Office IME (Chinese). The vulnerability could allow elevation of privilege if a logged-on user performed specific actions on a system where an affected version of the Microsoft Pinyin (MSPY) Input Method Editor (IME) for Simplified Chinese is installed. Read more here. - (MS11-089) Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Word file. Read more here. - (MS11-090) Cumulative Security Update of ActiveX Kill Bits (2618451)
Risk Rating: Critical
This security update resolves a privately reported vulnerability in Microsoft software. The vulnerability could allow remote code execution if a user views a specially crafted Web page that uses a specific binary behavior in Internet Explorer. Read more here. - (MS11-091) Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)
Risk Rating: Important
This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft Office. Read more here. - (MS11-092) Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)
Risk Rating: Critical
This security update resolves a privately reported vulnerability in Windows Media Player and Windows Media Center. Read more here. - (MS11-093) Vulnerability in OLE Could Allow Remote Code Execution (2624667)
Risk Rating: Important
This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. Read more here. - (MS11-094) Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)
Risk Rating: Important
This security update resolves two privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. Read more here.
- (MS11-095) Vulnerability in Active Directory Could Allow Remote Code Execution (2640045)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). Read more here. - (MS11-096) Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)
Risk Rating: Critical
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file. Read more here. - (MS11-097) Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to send a device event message to a higher-integrity process. Read more here. - (MS11-098) Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)
Risk Rating: Important
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to exploit the vulnerability. Read more here. - (MS11-099) Cumulative Security Update for Internet Explorer (2618444)
Risk Rating: Important
This security update resolves three privately reported vulnerabilities in Internet Explorer. Read more here.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.
| Microsoft Bulletin ID | Vulnerability ID | Rule Number & Title | Deep Security Pattern Version | Deep Security Pattern Release Date |
|---|---|---|---|---|
| MS11-087 | CVE-2011-3402 | 1004858 - Identified Suspicious Microsoft Office Files With Embedded Dexter Font (CVE-2011-3402) | 11-035 | Dec 13, 2011 |
| MS11-090 | CVE-2011-3397 | 1004876 - Microsoft Time Remote Code Execution Vulnerability (CVE-2011-3397) | 11-035 | Dec 13, 2011 |
| MS11-092 | CVE-2011-3401 | 1004658 - Restrict Microsoft Windows Media DVR-MS File Download (CVE-2011-3401) | 11-035 | Dec 13, 2011 |
| MS11-094 | CVE-2011-3413 | 1004883 - OfficeArt Shape RCE Vulnerability (CVE-2011-3413) | 11-035 | Dec 13, 2011 |
| MS11-094 | CVE-2011-3396 | 1004877 - PowerPoint Insecure Library Loading Vulnerability Over Network Share (CVE-2011-3396) | 11-035 | Dec 13, 2011 |
| MS11-094 | CVE-2011-3396 | 1004879 - PowerPoint Insecure Library Loading Vulnerability Over WebDAV (CVE-2011-3396) | 11-035 | Dec 13, 2011 |
| MS11-099 | CVE-2011-2019 | 1004878 - Internet Explorer Insecure Library Loading Vulnerability Over Network Share (CVE-2011-2019) | 11-035 | Dec 13, 2011 |
| MS11-099 | CVE-2011-2019 | 1004882 - Internet Explorer Insecure Library Loading Vulnerability Over WebDav (CVE-2011-2019) | 11-035 | Dec 13, 2011 |
