2011 年 11 月：マイクロソフト　定例セキュリティ更新プログラム情報

Microsoft addresses the following vulnerabilities in its November batch of patches:

• (MS11-083) Vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
  Risk Rating: Critical
  
  

  This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. Read more here.




• (MS11-084) Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657)
  Risk Rating: Medium
  
  

  This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. Read more here.




• (MS11-085) Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution (2620704)
  Risk Rating: Important
  
  

  This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Read more here.




• (MS11-086) Vulnerability in Active Directory Could Allow Elevation of Privilege (2630837)
  Risk Rating: Important
  
  

  This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). Read more here.