Latest Security Advisories & Notable Vulnerabilities

• (MS11-015) Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030)
  Risk Rating: Critical
  
  This security update addresses a vulnerability in DirectShow and a vulnerability in Windows Media Player and Windows Media Center. An attacker could execute arbitrary code if a user opens a specially crafted Microsoft Digital Video Recording (.DVR-MS) file. Read more here.


• (MS11-016) Vulnerability in Microsoft Groove Could Allow Remote Code Execution (2494047)
  Risk Rating: Important
  
  This security update resolves a vulnerability in Microsoft Groove, which could allow remote attackers to execute code on the vulnerable system. The attack works if a user opens a legitimate Groove-related file that is located in the same network directory as a specially crafted library file. Read more here.


• (MS11-017) Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062)
  Risk Rating: Important
  
  This security update addresses a vulnerability in Windows Remote Desktop Client, which could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.RDP) file. Read more here.

Microsoft has just issued an advisory about a vulnerability in the Microsoft Malware Protection Engine. If the said flaw is exploited, elevated privileges are granted to a local user once the engine starts to scan after a system is infiltrated by an attacker using valid login credentials and has created a specially crafted registry key. This, in turn, may grant the attacker the same privileges as the local user. Microsoft has also found that anonymous users could not exploit this vulnerability.

• (MS11-003) Cumulative Security Update for Internet Explorer (2482017)
  Risk Rating: Critical
  
  This security update addresses vulnerabilities in Internet Explorer that could allow remote code execution. The exploit works when a user views a specially crafted Web page using Internet Explorer or opens a legitimate HTML file that loads a specially crafted library file. Read more here.


• (MS11-004) Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
  Risk Rating: Important
  
  This security update addresses a vulnerability in Microsoft Internet Information Services (IIS) FTP Service, which could allow remote code execution if an FTP server receives a specially crafted FTP command. Read more here.


• (MS11-005) Vulnerability in Active Directory Could Allow Denial of Service (2478953)
  Risk Rating: Important
  
  This security update addresses a vulnerability in Active Directory, which could allow denial of service if an attacker sent a specially crafted packet to an affected Active Directory server. Read more here.


• (MS11-006) Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
  Risk Rating: Critical
  
  This security update addresses a vulnerability in the Windows Shell graphics processor, which could allow remote code execution if a user views a specially crafted thumbnail image. Read more here.


• (MS11-007) Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
  Risk Rating: Critical
  
  This security update addresses a vulnerability in the Windows OpenType Compact Font Format (CFF) driver, which could allow remote code execution if a user views content rendered in a specially crafted CFF font. Read more here.


• (MS11-008) Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)
  Risk Rating: Important
  
  This security update addresses two vulnerabilities in Microsoft Visio, could allow remote code execution if a user opens a specially crafted Visio file. Read more here.


• (MS11-009) Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)
  Risk Rating: Important
  
  This security update addresses a vulnerability in the JScript and VBScript scripting engines, which could allow information disclosure if a user visited a specially crafted website. Read more here.


• (MS11-010) Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
  Risk Rating: Important
  
  This security update addresses a vulnerability in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS), which could allow elevation of privilege. Read more here.


• (MS11-011) Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
  Risk Rating: Important
  
  This security update addresses vulnerabilities in Microsoft Windows, which could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. Read more here.


• (MS11-012) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
  Risk Rating: Important
  
  This security update addresses vulnerabilities in Microsoft Windows, which could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. Read more here.


• (MS11-013) Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
  Risk Rating: Important
  
  This security update addresses vulnerabilities in Microsoft Windows with the more severe ones capable of allowing elevation of privilege if a local, authenticated attacker installs a malicious service on a domain-joined computer. Read more here.


• (MS11-014) Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)
  Risk Rating: Important
  
  This security update addresses a vulnerability in the Local Security Authority Subsystem Service (LSASS), which could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. Read more here.

Microsoft addresses the following vulnerabilities in its December batch of patches:

• (MS10-090) Cumulative Security Update for Internet Explorer (2416400)
  Risk Rating: Critical
  
  This security update resolves a total of seven vulnerabilities in Internet Explorer (IE). Of these vulnerabilities, the most severe flaws could allow remote users to remotely execute malicious codes on the affected system if a user views a specially crafted Web page via IE. Read more here.
  
  
• (MS10-091) Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution (2296199)
  Risk Rating: Critical
  
  This security update resolves several vulnerabilities in the Windows Open Type Font (OTF) driver, which could allow remote users to execute code remotely on the affected system. Read more here.
  
  
• (MS10-092) Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420)
  Risk Rating: Important
  
  This security update resolves a vulnerability in Windows Task Scheduler, which could allow elevation of privilege if an attacker is logged on to an affected system and runs a specially crafted application. Read more here.
  
  
• (MS10-093) Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (2424434)
  Risk Rating: Important
  
  This vulnerability resolves a vulnerability in Windows Movie Maker, which could allow remote users to execute code on the affected system. Read more here.
  
  
• (MS10-094) Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961)
  Risk Rating: Important
  
  This update resolves a vulnerability in Windows Media Encoder, which could allow remote code execution if an attacker succeeds in convincing users to open a legitimate Windows Media Profile (.PRX) file that is located in the same network folder as a specially crafted library file. Read more here.
  
  
• (MS10-095) Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2385678)
  Risk Rating: Important
  
  This update resolves a vulnerability in Microsoft Windows, which could allow remote code execution if users open certain files located in the same network folder as a specially crafted library file. Read more here.
  
  
• (MS10-096) Vulnerability in Windows Address Book Could Allow Remote Code Execution (2423089)
  Risk Rating: Important
  
  This security update resolves a vulnerability in Windows Address Book, which could allow a remote user to execute code on the affected system. Read more here.
  
  
• (MS10-097) Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)
  Risk Rating: Important
  
  This update resolves a vulnerability in the Internet Connection Signup Wizard of Microsoft Windows, which could allow remote code execution. This exploit works if a user opens an .INS or .ISP file located in the same network folder as a specially crafted library file. Read more here.
  
  
• (MS10-098) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)
  Risk Rating: Important
  
  This update resolves vulnerabilities in Microsoft Windows, which could allow elevation of privilege. The exploit works if an attacker is logged on locally using valid logon credentials and runs a specially crafted application. Read more here.
  
  
• (MS10-099) Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591)
  Risk Rating: Important
  
  This update resolves a vulnerability in the Routing and Remote Access NDProxy component of Microsoft Windows.This update resolves a vulnerability in the Routing and Remote Access NDProxy component of Microsoft Windows. Read more here.
  
  
• (MS10-100) Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962)
  Risk Rating: Important
  
  This update resolves a vulnerability in the Consent User Interface (UI), which could allow elevation of privilege. Read more here.
  
  
• (MS10-101) Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)
  Risk Rating: Important
  
  This update resolves a vulnerability in the Netlogon RPC Service on affected versions of Windows Server that are configured to serve as domain controllers. Read more here.
  
  
• (MS10-102) Vulnerability in Hyper-V Could Allow Denial of Service (2345316)
  Risk Rating: Important
  
  This update resolves a vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. An attacker with valid logon credentials could exploit the vulnerability and allow denial of service. Read more here.
  
  
• (MS10-103) Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292970)
  Risk Rating: Important
  
  This update resolves vulnerabilities in Microsoft Publisher that could allow remote code execution. An attacker can exploit the vulnerability by opening a specially crafted Publisher file. Read more here.
  
  
• (MS10-104) Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005)
  Risk Rating: Important
  
  This update resolves a vulnerability in Microsoft SharePoint, which could allow remote code execution. The vulnerability is exploited if an attacker sends a specially crafted SOAP request to the Document Conversions Launcher Service in a SharePoint server environment that is using the Document Conversions Load Balancer Service. Read more here.
  
  
• (MS10-105) Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)
  Risk Rating: Important
  
  This update resolves vulnerabilities in Microsoft Office, which could allow remote code execution. When users view a specially crafted image file using Microsoft Office, an attacker could gain the same user rights as the local user. Read more here.
  
  
• (MS10-106) Vulnerability in Microsoft Exchange Server Could Allow Denial of Service (2407132)
  Risk Rating: Medium
  
  This update resolves a vulnerability in Microsoft Exchange Server, which could allow denial of service on the affected system. Read more here.