2011 年 6 月:マイクロソフト 定例セキュリティ更新プログラム情報
2013年2月20日
危険度: : 緊急
情報公開日: 6 14, 2011
概要
Microsoft addresses the following vulnerabilities in its June batch of patches:
- (MS11-037) Vulnerability in MHTML Could Allow Information Disclosure (2544893)
Risk Rating: Important
This security update addresses a vulnerability in the MHTML protocol handler in Microsoft Windows, which could allow information disclosure, once a user opens a specially crafted URL from an attacker's website. Read more here. - (MS11-038) Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)
Risk Rating: Critical
This security update addresses a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation, which could lead to remote code execution once users visit a website containing a specially made Windows Metafile (WMF) image. Read more here. - (MS11-039) Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)
Risk Rating: Critical
This bulletin resolves a vulnerability in Microsoft .NET Framework and Microsoft Silverlight, which could allow arbitrary code execution once users view a malicious Web page via a Web browser that runs XAML Browser Applications (XBAPs) or Silverlight applications. Users with non-administrative user rights could be less affected than users with administrative rights. Read more here. - (MS11-040) Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426)
Risk Rating: Critical
This bulletin addresses a vulnerability in Microsoft Forefront Threat Management Gateway (TMG) 2010 Client (formerly Microsoft Forefront Threat Management Gateway Firewall Client). Once successfully exploited, this may allow remote code execution by a remote malicious user. Read more here. - (MS11-041) Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694)
Risk Rating: Critical
This security update addresses a reported vulnerability in Microsoft Windows via specifically crafted OpenType font (OTF) accessed through a network share (or a website that points to a network share). Once successfully exploited, this could allow remote code execution by an attacker. Read more here. - (MS11-042) Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)
Risk Rating: Critical
This bulletin resolves two reported vulnerabilities in the Microsoft Distributed File System (DFS). The more severe of these vulnerabilities may lead to remote code execution once an attacker sends a maliciously crafted DFS response to a user DFS request. Once exploited, this vulnerability could also take complete control of an affected system. Read more here. - (MS11-043) Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)
Risk Rating: Critical
This security update addresses a reported vulnerability in Microsoft Windows, that could lead to remote code execution if an attacker sends a specially crafted SMB response to a user SMB request. However, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server before successfully exploiting this bug. Read more here. - (MS11-044) Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)
Risk Rating: Critical
This bulletin resolves a vulnerability in Microsoft .NET Framework, which could allow remote code execution on a client system once a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). Users configured to have fewer user rights on an affected system could be less impacted than those with administrative rights. Read more here. - (MS11-045) Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146)
Risk Rating: Important
This bulletin resolves eight privately reported vulnerabilities in Microsoft Office, which allow remote code execution once users execute a maliciously crafted Excel file. Users with administrative rights are more affected by this attack as opposed to those with accounts configured with lesser user rights. Read more here. - (MS11-046) Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665)
Risk Rating: Important
This bulletin resolves a publicly disclosed vulnerability in the Microsoft Windows Ancillary Function Driver (AFD) that could allow elevation of privilege once an attacker logs on to a user's system and runs a malicious application. However, an attacker needs valid logon credentials and must be able to log on locally to successfully execute an attack. Read more here. - (MS11-047) Vulnerability in Hyper-V Could Allow Denial of Service (2525835)
Risk Rating: Important
This bulletin addresses a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V, which could allow denial of service if an authenticated user sends a maliciously crafted packet to the VMBus. This vulnerability could not be exploited remotely or by an anonymous user. Read more here. - (MS11-048) Vulnerability in SMB Server Could Allow Denial of Service (2536275)
Risk Rating: Important
This bulletin resolves a reported vulnerability in Microsoft Windows, which could allow denial of service if an attacker creates a malicous SMB packet and sends this to an affected system. Read more here - (MS11-049) Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)
Risk Rating: Important
This security update addresses a reported vulnerability in Microsoft XML Editor, that could allow information disclosure once a user opens a malicious Web Service Discovery (.disco) file with one of the affected software. This threat would not allow remote code execution or elevation of user right, however, it could acquire information that could be used in future attacks. Read more here. - (MS11-050) Cumulative Security Update for Internet Explorer (2530548)
Risk Rating: Critical
This security update addresses eleven privately reported vulnerabilities in Internet Explorer. The most severe of these could allow remote code execution if a user views a maliciously crafted Web page via Internet Explorer. Once successfully exploited, attacker can gain same user rights as the local user. Read more here.
Note that Microsoft acknowledges Trend Micro for working with them in helping address the SafeHTML Information Disclosure Vulnerability (CVE-2011-1252), one of the privately reported vulnerabilities in Internet Explorer for this update. - (MS11-051) Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)
Risk Rating: Important
This bulletin resolves a reported vulnerability in Active Directory Certificate Services Web Enrollment. This is a cross-site scripting (XSS) vulnerability that may lead to elevation of privilege, enabling an attacker to execute arbitrary commands using the user rights of the target user. An attacker would need to send a specially crafted link and convince a user to click the link before executing an attack. Read more here. - (MS11-052) Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)
Risk Rating: Critical
This bulletin addresses vulnerability in Microsoft implementation of Vector Markup Language (VML), that may lead to arbitrary code execution if a user views a maliciously crafted Web page via Internet Explorer. Read more here.
トレンドマイクロの対策
マイクロソフトは、2011 年 6 月の定例セキュリティ更新プログラムをリリースし、以下の脆弱性に対応しています。
- MS11-037:MHTML の脆弱性により、情報漏えいが起こる (2544893)
危険度:高
詳しくは こちら
- MS11-038:OLE オートメーションの脆弱性により、リモートでコードが実行される (2476490)
危険度: 緊急
詳しくは こちら
- MS11-039:.NET Framework および Microsoft Silverlight の脆弱性により、リモートでコードが実行される (2514842)
危険度: 緊急
詳しくは こちら
- MS11-040:Threat Management Gateway ファイアウォール クライアントの脆弱性により、リモートでコードが実行される (2520426)
危険度:緊急
詳しくは こちら
- MS11-041:Windows カーネルモード ドライバーの脆弱性により、リモートでコードが実行される (2525694)
危険度: 緊急
詳しくは こちら
- MS11-042:分散ファイル システムの脆弱性により、リモートでコードが実行される (2535512)
危険度: 緊急
詳しくは こちら
- MS11-043:SMB クライアントの脆弱性により、リモートでコードが実行される (2536276)
危険度:緊急
詳しくは こちら
- MS11-044:.NET Framework の脆弱性により、リモートでコードが実行される (2538814)
危険度: 緊急
詳しくは こちら
- MS11-045:Microsoft Excel の脆弱性により、リモートでコードが実行される (2537146)
危険度: 高
詳しくは こちら
- MS11-046:Microsoft Ancillary Function ドライバーの脆弱性により、特権が昇格される (2503665)
危険度: 高
詳しくは こちら
- MS11-047:Hyper-V の脆弱性により、サービス拒否が起こる (2525835)
危険度: 高
詳しくは こちら
- MS11-048:SMB サーバーの脆弱性により、サービス拒否が起こる (2536275)
危険度:高
詳しくは こちら
- MS11-049:Microsoft XML エディターの脆弱性により、情報漏えいが起こる (2543893)
危険度: 高
詳しくは こちら
- MS11-050:Internet Explorer 用の累積的なセキュリティ更新プログラム (2530548)
危険度: 緊急
詳しくは こちら
- MS11-051:Active Directory 証明書サービスの Web 登録の脆弱性により、特権が昇格される (2518295)
危険度: 高
詳しくは こちら
- MS11-052:Vector Markup Language の脆弱性により、リモートでコードが実行される (2544521)
危険度: 緊急
詳しくは こちら
トレンドマイクロのサーバ向け総合セキュリティ製品「Trend Micro Deep Security(トレンドマイクロ ディープセキュリティ)」は、特定のフィルタを用いて以下の脆弱性から保護します。また、「Trend Micro 脆弱性対策オプション(ウイルスバスター コーポレートエディション プラグイン製品)」をご利用のユーザも、これらの脆弱性から保護されます。
Microsoft セキュリティ情報 ID | CVE識別番号 | フィルタ番号およびフィルタ名 | Deep Security パターンバージョン | Deep Security パターンリリース日 |
---|---|---|---|---|
MS11-038 | CVE-2011-0658 | 1004690 - OLE Automation Underflow Vulnerability | 11-018 | 2011年6月15日 |
MS11-042 | CVE-2011-1868 | 1004700 - DFS Memory Corruption Vulnerability | 11-018 | 2011年6月15日 |
MS11-043 | CVE-2011-1268 | 1004692 - SMB Response Parsing Vulnerability | 11-018 | 2011年6月15日 |
MS11-045 | CVE-2011-1272/TD> | 1004695 - Excel Insufficient Record Validation Vulnerability | 11-018 | 2011年6月15日 |
CVE-2011-1273 | 1004691 - Excel Improper Record Parsing Vulnerability | 11-018 | 2011年6月15日 | |
CVE-2011-1274 | 1004689 - Excel Out Of Bounds Array Access Vulnerability | 11-018 | 2011年6月15日 | |
CVE-2011-1278 | 1004698 - Excel WriteAV Vulnerability | 11-018 | 2011年6月15日 | |
MS11-048 | CVE-2011-1267 | 1004696 - SMB Request Parsing Vulnerability | 11-018 | 2011年6月15日 |
MS11-049 | CVE-2011-1280 | 1004694 - Microsoft XML Editor Information Disclosure Vulnerability | 11-018 | 2011年6月15日 |
MS11-050 | CVE-2011-1252 | 1004684 - Internet Explorer toStaticHTML Information Disclosure Vulnerability | 11-018 | 2011年6月15日 |
CVE-2011-1254 | 1004685 - Internet Explorer Layout Memory Corruption Vulnerability | 11-018 | 2011年6月15日 | |
CVE-2011-1255 | 1004687 - Internet Explorer Time Element Memory Corruption Vulnerability | 11-018 | 2011年6月15日 | |
CVE-2011-1260 | 1004686 - Internet Explorer Layout Memory Corruption Vulnerability | 11-018 | 2011年6月15日 | |
CVE-2011-1261 | 1004699 - Selection Object Memory Corruption Vulnerability | 11-018 | 2011年6月15日 | |
CVE-2011-1262 | 1004688 - Internet Explorer HTTP Redirect Memory Corruption Vulnerability | 11-018 | 2011年6月15日 | |
CVE-2011-1266 | 1004693 - VML Memory Corruption Vulnerability | 11-018 | 2011年6月15日 |