February 2011 - Microsoft Releases 12 Advisories
Severity: HIGH
Advisory Date: FEB 08, 2011
DESCRIPTION
Microsoft addresses the following vulnerabilities in its February batch of patches:
- (MS11-003) Cumulative Security Update for Internet Explorer (2482017)
Risk Rating: Critical
This security update addresses vulnerabilities in Internet Explorer that could allow remote code execution. The exploit works when a user views a specially crafted Web page using Internet Explorer or opens a legitimate HTML file that loads a specially crafted library file. Read more here. - (MS11-004) Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
Risk Rating: Important
This security update addresses a vulnerability in Microsoft Internet Information Services (IIS) FTP Service, which could allow remote code execution if an FTP server receives a specially crafted FTP command. Read more here. - (MS11-005) Vulnerability in Active Directory Could Allow Denial of Service (2478953)
Risk Rating: Important
This security update addresses a vulnerability in Active Directory, which could allow denial of service if an attacker sent a specially crafted packet to an affected Active Directory server. Read more here. - (MS11-006) Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
Risk Rating: Critical
This security update addresses a vulnerability in the Windows Shell graphics processor, which could allow remote code execution if a user views a specially crafted thumbnail image. Read more here. - (MS11-007) Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
Risk Rating: Critical
This security update addresses a vulnerability in the Windows OpenType Compact Font Format (CFF) driver, which could allow remote code execution if a user views content rendered in a specially crafted CFF font. Read more here. - (MS11-008) Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)
Risk Rating: Important
This security update addresses two vulnerabilities in Microsoft Visio, could allow remote code execution if a user opens a specially crafted Visio file. Read more here. - (MS11-009) Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)
Risk Rating: Important
This security update addresses a vulnerability in the JScript and VBScript scripting engines, which could allow information disclosure if a user visited a specially crafted website. Read more here. - (MS11-010) Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
Risk Rating: Important
This security update addresses a vulnerability in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS), which could allow elevation of privilege. Read more here. - (MS11-011) Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
Risk Rating: Important
This security update addresses vulnerabilities in Microsoft Windows, which could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. Read more here. - (MS11-012) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
Risk Rating: Important
This security update addresses vulnerabilities in Microsoft Windows, which could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. Read more here. - (MS11-013) Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
Risk Rating: Important
This security update addresses vulnerabilities in Microsoft Windows with the more severe ones capable of allowing elevation of privilege if a local, authenticated attacker installs a malicious service on a domain-joined computer. Read more here. - (MS11-014) Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)
Risk Rating: Important
This security update addresses a vulnerability in the Local Security Authority Subsystem Service (LSASS), which could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. Read more here.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.
Microsoft Bulletin ID | Vulnerability ID | Identifier & Title | IDF First Pattern Version | IDF First Pattern Release Version |
---|---|---|---|---|
MS11-003 | CVE-2010-3971 | 1004550 - Microsoft Internet Explorer CSS Parsing Remote Code Execution | 11-001 | Jan 05, 2011 |
CVE-2011-0036 | 1004589 - Uninitialized Memory Corruption Vulnerability | 11-005 | Feb 09, 2011 | |
MS11-006 | CVE-2010-3970 | 1004562 - Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability | 11-002 | Jan 12, 2011 |
1004563 - Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability Over Network Share | 11-002 | Jan 12, 2011 | ||
MS11-009 | CVE-2011-0031 | 1004588 - Microsoft Script Encoder Memory Corruption Vulnerability | 11-005 | Feb 09, 2011 |
MS11-013 | CVE-2011-0091 | 1004591 - Kerberos Spoofing Vulnerability | 11-005 | Feb 09, 2011 |