MS Office 2010 SP1 available
FYI...
MS Office 2010 SP1 available
- http://blogs.technet.com/b/office_su...d_engineering/
June 29, 2011 - "... Today SP1 is available from the Download center. The Downloads Table below provides links to the new packages for SP1. If you have installed all Office Automatic Updates, you will also see SP1 available as a manual download from Microsoft Update. After a 90 day grace period, SP1 will be offered as an automatic update through Microsoft Update..."
- http://technet.microsoft.com/en-us/office/ee748587.aspx
- http://support.microsoft.com/kb/2460049
.
MS to retire Office XP, Vista SP1 next week
FYI...
MS to retire Office XP, Vista SP1 next week
- https://www.computerworld.com/s/arti..._SP1_next_week
July 5, 2011 - "Microsoft will retire 2001's Office XP and the first service pack for Windows Vista next week, according to the company's published schedule. Both Office XP and Vista Service Pack 1 (SP1) will exit all support July 12, this month's Patch Tuesday. That date will be the last time Microsoft issues security updates for the aging suite and Vista SP1... Microsoft generally patches security vulnerabilities in its products throughout the entire 10-year stretch. Although Office XP's support expires next week, Vista users can continue to receive security updates by upgrading to SP2... Office 2003, the follow-up to Office XP, will receive security updates until April 2014. Office 2007 and Office 2010 will get patches until April 2017 and October 2020, respectively. Office XP and Vista SP1 were last patched three weeks ago when Microsoft issued 16 security updates that fixed 34 flaws."
Office XP
- http://support.microsoft.com/lifecycle/?p1=2533
:fear:
MS Security Bulletin Advance Notification - July 2011
FYI...
- http://www.microsoft.com/technet/sec.../MS11-jul.mspx
July 07, 2011 - "This is an advance notification of security bulletins that Microsoft is intending to release on July 12, 2011... (Total 0f -4-)
Bulletin 1 - Critical - Remote Code Execution - Requires restart - Microsoft Windows
Bulletin 2 - Important - Elevation of Privilege - Requires restart - Microsoft Windows
Bulletin 3 - Important - Elevation of Privilege - Requires restart - Microsoft Windows
Bulletin 4 - Important - Remote Code Execution - May require restart - Microsoft Office ..."
.
MS Security Bulletin Summary - July 2011
FYI...
- http://www.microsoft.com/technet/sec.../MS11-jul.mspx
July 12, 2011 - "This bulletin summary lists security bulletins released for July 2011... (Total of -4-)
Critical
Microsoft Security Bulletin MS11-053 - Critical
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)
- http://www.microsoft.com/technet/sec.../MS11-053.mspx
Critical - Remote Code Execution - Requires restart - Microsoft Windows
Important
Microsoft Security Bulletin MS11-054 - Important
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917)
- http://www.microsoft.com/technet/sec.../ms11-054.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows
"This security update resolves -15- privately reported vulnerabilities in Microsoft Windows..."
Microsoft Security Bulletin MS11-056 - Important
Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)
- http://www.microsoft.com/technet/sec.../ms11-056.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows
"This security update resolves -5- privately reported vulnerabilities in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS)..."
Microsoft Security Bulletin MS11-055 - Important
Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847)
- http://www.microsoft.com/technet/sec.../MS11-055.mspx
Important - Remote Code Execution - May require restart - Microsoft Office
- http://www.microsoft.com/technet/sec...y/2269637.mspx
• V8.0 (July 12, 2011): Added the update in Microsoft Knowledge Base Article 2533623 and the update in Microsoft Security Bulletin MS11-055, "Vulnerability in Microsoft Visio Could Allow Remote Code Execution," to the Updates relating to Insecure Library Loading section. The update in Microsoft Knowledge Base Article 2533623 implements Application Programming Interface (API) enhancements in Windows to help developers correctly and securely load external libraries.
- http://support.microsoft.com/kb/2533623
Last Review: July 12, 2011 - Revision: 2.1
___
- http://krebsonsecurity.com/2011/07/m...law-21-others/
July 12th, 2011 - "... updates to fix at least -22- security flaws in its Windows operating systems and other software..."
___
ISC Analysis
- http://isc.sans.edu/diary.html?storyid=11191
Last Updated: 2011-07-13 15:07:26 UTC ...(Version: 2)
___
Deployment Priority
- http://blogs.technet.com/cfs-filesys...deployment.png
Severity and Exploitability Index
- http://blogs.technet.com/cfs-filesys...ty_2D00_xi.png
___
- http://www.securitytracker.com/id/1025760 - MS11-053
- http://www.securitytracker.com/id/1025761 - MS11-054
- http://www.securitytracker.com/id/1025762 - MS11-056
- http://www.securitytracker.com/id/1025763 - MS11-055
July 12 2011
___
Q&A - MSRC July 2011 Security Bulletin Release
- http://blogs.technet.com/b/msrc/p/ju...letin-q-a.aspx
July 13, 2011
___
MSRT
- http://support.microsoft.com/?kbid=890830
July 12, 2011 - Revision: 89.0
(Recent additions)
- http://www.microsoft.com/security/pc...-families.aspx
... added this release...
• Tracur
• Dursg
Download:
- http://www.microsoft.com/downloads/e...displaylang=en
File Name: windows-kb890830-v3.21.exe 13.0MB
To download the x64 version of MSRT, click here:
- http://www.microsoft.com/downloads/d...displaylang=en
File Name: windows-kb890830-x64-v3.21.exe 13.0MB
- http://blogs.technet.com/b/mmpc/arch...r-malware.aspx
12 Jul 2011
.
July MSRT on web redirector malware
FYI...
July MSRT on web redirector malware
- http://blogs.technet.com/b/mmpc/arch...r-malware.aspx
28 Jul 2011 - "... Since the release of MSRT on July 12, we have removed 516,517 Win32/Tracur threats from 242,517 computers making this malware the top threat on the list. Another 91,041 instances of Win32/Dursg were removed from 73,166 computers... The big number of Tracur threats can be accounted to its dropped files. Tracur will drop modified copies of itself in the <system folder> using file names derived from existing Windows DLL names with an appended string “32”, such as hal32.dll, olecli3232.dll, olecli3232.exe, and authz32.dll. Checking the origin of detections for Tracur*, United States has the highest percentage of infections with 80%, followed by Japan, France, and Canada, accounting for 3% of detections each...
* http://www.microsoft.com/security/po...1-012-001b.png
For Dursg**, United States has 56% of the detected infections, followed by Turkey, Canada, and United Kingdom..."
** http://www.microsoft.com/security/po...11-012-002.png
:fear::fear:
MS Security Bulletin Advance Notification - August 2011
FYI...
- http://www.microsoft.com/technet/sec.../MS11-aug.mspx
August 04, 2011 - "This is an advance notification of security bulletins that Microsoft is intending to release on August 9, 2011..." (Total of -13-)
Bulletin 1 - Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Bulletin 2 - Critical - Remote Code Execution - Requires restart - Microsoft Windows
Bulletin 3 - Important - Remote Code Execution - Requires restart - Microsoft Windows
Bulletin 4 - Important - Remote Code Execution - May require restart - Microsoft Office
Bulletin 5 - Important - Elevation of Privilege - May require restart - Microsoft Windows
Bulletin 6 - Important - Elevation of Privilege - Requires restart - Microsoft Windows
Bulletin 7 - Important - Elevation of Privilege - Requires restart - Microsoft Windows
Bulletin 8 - Important - Denial of Service - Requires restart - Microsoft Windows
Bulletin 9 - Important - Denial of Service - Requires restart - Microsoft Windows
Bulletin 10 - Important - Information Disclosure - May require restart - Microsoft .NET Framework, Microsoft Developer Tools
Bulletin 11 - Important - Information Disclosure - May require restart - Microsoft Developer Tools
Bulletin 12 - Moderate - Information Disclosure - May require restart - Microsoft .NET Framework
Bulletin 13 - Moderate - Denial of Service - Requires restart - Microsoft Windows ..."
.
MS Security Bulletin Summary - August 2011
FYI...
- https://www.microsoft.com/technet/se.../MS11-aug.mspx
August 09, 2011 - "This bulletin summary lists security bulletins released for August 2011... (Total of -13-)
Critical - 2
Microsoft Security Bulletin MS11-057 - Critical
Cumulative Security Update for Internet Explorer (2559049)
- https://www.microsoft.com/technet/se.../MS11-057.mspx
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS11-058 - Critical
Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)
- https://www.microsoft.com/technet/se.../ms11-058.mspx
Critical - Remote Code Execution - Requires restart - Microsoft Windows
Important - 9
Microsoft Security Bulletin MS11-059 - Important
Vulnerability in Data Access Components Could Allow Remote Code Execution (2560656)
- https://www.microsoft.com/technet/se.../ms11-059.mspx
Important - Remote Code Execution - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS11-060 - Important
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978)
- https://www.microsoft.com/technet/se.../ms11-060.mspx
Important - Remote Code Execution - May require restart - Microsoft Office
Microsoft Security Bulletin MS11-061 - Important
Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)
- https://www.microsoft.com/technet/se.../ms11-061.mspx
Important - Elevation of Privilege - May require restart - Microsoft Windows
Microsoft Security Bulletin MS11-062 - Important
Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454)
- https://www.microsoft.com/technet/se.../ms11-062.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS11-063 - Important
Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)
- https://www.microsoft.com/technet/se.../ms11-063.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS11-064 - Important
Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)
- https://www.microsoft.com/technet/se.../ms11-064.mspx
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS11-065 - Important
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)
- https://www.microsoft.com/technet/se.../ms11-065.mspx
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS11-066 - Important
Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)
- https://www.microsoft.com/technet/se.../ms11-066.mspx
Important - Information Disclosure - May require restart - Microsoft .NET Framework, Microsoft Developer Tools
Microsoft Security Bulletin MS11-067 - Important
Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)
- https://www.microsoft.com/technet/se.../ms11-067.mspx
Important - Information Disclosure - May require restart - Microsoft Developer Tools
Moderate - 2
Microsoft Security Bulletin MS11-068 - Moderate
Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)
- https://www.microsoft.com/technet/se.../ms11-068.mspx
Moderate - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS11-069 - Moderate
Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)
- https://www.microsoft.com/technet/se.../ms11-069.mspx
Moderate - Information Disclosure - May require restart - Microsoft .NET Framework
___
Severity and Exploitability Index
- https://blogs.technet.com/cfs-filesy...11_2D00_xi.png
Deployment Priority
- https://blogs.technet.com/cfs-filesy...D00_deploy.png
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=11341
Last Updated: 2011-08-09 19:35:25 UTC
___
MSRT
- http://support.microsoft.com/?kbid=890830
August 9, 2011 - Revision: 90.0 - "... The Malicious Software Removal Tool runs in quiet mode. If it detects malicious software on your computer, the next time that you log on to your computer as a computer administrator, a balloon will appear in the notification area to make you aware of the detection..."
(Recent additions)
- http://www.microsoft.com/security/pc...-families.aspx
... added this release...
• FakeSysdef
• Hiloti
Download:
- http://www.microsoft.com/security/pc...e-removal.aspx
File Name: windows-kb890830-v3.22.exe
- https://www.microsoft.com/download/e...s.aspx?id=9905
x64 version of MSRT:
File Name: windows-kb890830-x64-v3.22.exe
MSRT August '11 ...
- https://blogs.technet.com/b/mmpc/arc...akesysdef.aspx
10 Aug 2011
.
MS Security Advisories... 2011.08.09
FYI...
Microsoft Security Advisory (2562937)
Update Rollup for ActiveX Kill Bits
- https://www.microsoft.com/technet/se...y/2562937.mspx
August 09, 2011 - "Microsoft is releasing a new set of ActiveX kill bits with this advisory. This update sets the kill bits for the following third-party software:
• CheckPoint SSL VPN On-Demand applications...
• ActBar... IBM...
• EBI R Web Toolkit... Honeywell..."
Microsoft Security Advisory (2269637)
Insecure Library Loading Could Allow Remote Code Execution
- https://www.microsoft.com/technet/se...y/2269637.mspx
August 09, 2011 - "... Update released on August 9, 2011
• MS11-059*, "Vulnerability in Data Access Components Could Allow Remote Code Execution," provides support for a vulnerable component of Microsoft Windows that is affected by the Insecure Library Loading class of vulnerabilities described in this advisory..."
* https://www.microsoft.com/technet/se.../ms11-059.mspx
.
MS Security Advisory (2607712)
FYI...
Microsoft Security Advisory (2607712)
Fraudulent Digital Certificates Could Allow Spoofing
- https://www.microsoft.com/technet/se...y/2607712.mspx
August 29, 2011 V2.0 - "Microsoft is aware of at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store, on all supported releases of Microsoft Windows. Although this is not a vulnerability in a Microsoft product, Microsoft is taking action to protect customers. Microsoft has been able to confirm that one digital certificate affects all subdomains of google.com and may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. Microsoft is continuing to investigate how many more certificates have been fraudulently issued. As a precautionary measure, Microsoft has removed the DigiNotar root certificate from the Microsoft Certificate Trust List. All supported editions of Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2 use the Microsoft Certificate Trust List to validate the trust of a certification authority. Users of these operating systems will be presented with an invalid certificate error when they browse to a Web site or try to install programs signed by the DigiNotar root certificate. In those cases users should follow the instructions in the message. Microsoft will release a future update to address this issue for all supported editions of Windows XP and Windows Server 2003. Microsoft is continuing to investigate this issue and may release future updates to help protect customers..."
- https://blogs.technet.com/b/msrc/arc...y-2607712.aspx
- https://blog.mozilla.com/security/20...m-certificate/
"... We have received reports of these certificates being used in the wild... we are releasing new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13, and 6.0.1) and SeaMonkey (2.3.2) shortly..."
___
- http://h-online.com/-1333088
30 August 2011
:fear: