Old MS Alerts

[AplusWebMaster]

FYI...

MS Office 2010 SP1 available
- http://blogs.technet.com/b/office_su...d_engineering/
June 29, 2011 - "... Today SP1 is available from the Download center. The Downloads Table below provides links to the new packages for SP1. If you have installed all Office Automatic Updates, you will also see SP1 available as a manual download from Microsoft Update. After a 90 day grace period, SP1 will be offered as an automatic update through Microsoft Update..."

- http://technet.microsoft.com/en-us/office/ee748587.aspx

- http://support.microsoft.com/kb/2460049

.

[AplusWebMaster]

FYI...

MS to retire Office XP, Vista SP1 next week
- https://www.computerworld.com/s/arti..._SP1_next_week
July 5, 2011 - "Microsoft will retire 2001's Office XP and the first service pack for Windows Vista next week, according to the company's published schedule. Both Office XP and Vista Service Pack 1 (SP1) will exit all support July 12, this month's Patch Tuesday. That date will be the last time Microsoft issues security updates for the aging suite and Vista SP1... Microsoft generally patches security vulnerabilities in its products throughout the entire 10-year stretch. Although Office XP's support expires next week, Vista users can continue to receive security updates by upgrading to SP2... Office 2003, the follow-up to Office XP, will receive security updates until April 2014. Office 2007 and Office 2010 will get patches until April 2017 and October 2020, respectively. Office XP and Vista SP1 were last patched three weeks ago when Microsoft issued 16 security updates that fixed 34 flaws."

Office XP
- http://support.microsoft.com/lifecycle/?p1=2533

[AplusWebMaster]

FYI...

- http://www.microsoft.com/technet/sec.../MS11-jul.mspx
July 07, 2011 - "This is an advance notification of security bulletins that Microsoft is intending to release on July 12, 2011... (Total 0f -4-)

Bulletin 1 - Critical - Remote Code Execution - Requires restart - Microsoft Windows

Bulletin 2 - Important - Elevation of Privilege - Requires restart - Microsoft Windows

Bulletin 3 - Important - Elevation of Privilege - Requires restart - Microsoft Windows

Bulletin 4 - Important - Remote Code Execution - May require restart - Microsoft Office ..."

.

[AplusWebMaster]

FYI...

- http://www.microsoft.com/technet/sec.../MS11-jul.mspx
July 12, 2011 - "This bulletin summary lists security bulletins released for July 2011... (Total of -4-)

Critical

Microsoft Security Bulletin MS11-053 - Critical
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)
- http://www.microsoft.com/technet/sec.../MS11-053.mspx
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Important

Microsoft Security Bulletin MS11-054 - Important
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917)
- http://www.microsoft.com/technet/sec.../ms11-054.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows
"This security update resolves -15- privately reported vulnerabilities in Microsoft Windows..."

Microsoft Security Bulletin MS11-056 - Important
Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)
- http://www.microsoft.com/technet/sec.../ms11-056.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows
"This security update resolves -5- privately reported vulnerabilities in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS)..."

Microsoft Security Bulletin MS11-055 - Important
Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847)
- http://www.microsoft.com/technet/sec.../MS11-055.mspx
Important - Remote Code Execution - May require restart - Microsoft Office

- http://www.microsoft.com/technet/sec...y/2269637.mspx
• V8.0 (July 12, 2011): Added the update in Microsoft Knowledge Base Article 2533623 and the update in Microsoft Security Bulletin MS11-055, "Vulnerability in Microsoft Visio Could Allow Remote Code Execution," to the Updates relating to Insecure Library Loading section. The update in Microsoft Knowledge Base Article 2533623 implements Application Programming Interface (API) enhancements in Windows to help developers correctly and securely load external libraries.
- http://support.microsoft.com/kb/2533623
Last Review: July 12, 2011 - Revision: 2.1
___

- http://krebsonsecurity.com/2011/07/m...law-21-others/
July 12th, 2011 - "... updates to fix at least -22- security flaws in its Windows operating systems and other software..."
___

ISC Analysis
- http://isc.sans.edu/diary.html?storyid=11191
Last Updated: 2011-07-13 15:07:26 UTC ...(Version: 2)
___

Deployment Priority
- http://blogs.technet.com/cfs-filesys...deployment.png

Severity and Exploitability Index
- http://blogs.technet.com/cfs-filesys...ty_2D00_xi.png
___

- http://www.securitytracker.com/id/1025760 - MS11-053
- http://www.securitytracker.com/id/1025761 - MS11-054
- http://www.securitytracker.com/id/1025762 - MS11-056
- http://www.securitytracker.com/id/1025763 - MS11-055
July 12 2011
___

Q&A - MSRC July 2011 Security Bulletin Release
- http://blogs.technet.com/b/msrc/p/ju...letin-q-a.aspx
July 13, 2011
___

MSRT
- http://support.microsoft.com/?kbid=890830
July 12, 2011 - Revision: 89.0
(Recent additions)
- http://www.microsoft.com/security/pc...-families.aspx
... added this release...
• Tracur
• Dursg

Download:
- http://www.microsoft.com/downloads/e...displaylang=en
File Name: windows-kb890830-v3.21.exe 13.0MB

To download the x64 version of MSRT, click here:
- http://www.microsoft.com/downloads/d...displaylang=en
File Name: windows-kb890830-x64-v3.21.exe 13.0MB

- http://blogs.technet.com/b/mmpc/arch...r-malware.aspx
12 Jul 2011

.

[AplusWebMaster]

FYI...

July MSRT on web redirector malware
- http://blogs.technet.com/b/mmpc/arch...r-malware.aspx
28 Jul 2011 - "... Since the release of MSRT on July 12, we have removed 516,517 Win32/Tracur threats from 242,517 computers making this malware the top threat on the list. Another 91,041 instances of Win32/Dursg were removed from 73,166 computers... The big number of Tracur threats can be accounted to its dropped files. Tracur will drop modified copies of itself in the <system folder> using file names derived from existing Windows DLL names with an appended string “32”, such as hal32.dll, olecli3232.dll, olecli3232.exe, and authz32.dll. Checking the origin of detections for Tracur*, United States has the highest percentage of infections with 80%, followed by Japan, France, and Canada, accounting for 3% of detections each...
* http://www.microsoft.com/security/po...1-012-001b.png
For Dursg**, United States has 56% of the detected infections, followed by Turkey, Canada, and United Kingdom..."
** http://www.microsoft.com/security/po...11-012-002.png

[AplusWebMaster]

FYI...

- http://www.microsoft.com/technet/sec.../MS11-aug.mspx
August 04, 2011 - "This is an advance notification of security bulletins that Microsoft is intending to release on August 9, 2011..." (Total of -13-)

Bulletin 1 - Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Bulletin 2 - Critical - Remote Code Execution - Requires restart - Microsoft Windows
Bulletin 3 - Important - Remote Code Execution - Requires restart - Microsoft Windows
Bulletin 4 - Important - Remote Code Execution - May require restart - Microsoft Office
Bulletin 5 - Important - Elevation of Privilege - May require restart - Microsoft Windows
Bulletin 6 - Important - Elevation of Privilege - Requires restart - Microsoft Windows
Bulletin 7 - Important - Elevation of Privilege - Requires restart - Microsoft Windows
Bulletin 8 - Important - Denial of Service - Requires restart - Microsoft Windows
Bulletin 9 - Important - Denial of Service - Requires restart - Microsoft Windows
Bulletin 10 - Important - Information Disclosure - May require restart - Microsoft .NET Framework, Microsoft Developer Tools
Bulletin 11 - Important - Information Disclosure - May require restart - Microsoft Developer Tools
Bulletin 12 - Moderate - Information Disclosure - May require restart - Microsoft .NET Framework
Bulletin 13 - Moderate - Denial of Service - Requires restart - Microsoft Windows ..."

.

[AplusWebMaster]

FYI...

- https://www.microsoft.com/technet/se.../MS11-aug.mspx
August 09, 2011 - "This bulletin summary lists security bulletins released for August 2011... (Total of -13-)

Critical - 2

Microsoft Security Bulletin MS11-057 - Critical
Cumulative Security Update for Internet Explorer (2559049)
- https://www.microsoft.com/technet/se.../MS11-057.mspx
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS11-058 - Critical
Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)
- https://www.microsoft.com/technet/se.../ms11-058.mspx
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Important - 9

Microsoft Security Bulletin MS11-059 - Important
Vulnerability in Data Access Components Could Allow Remote Code Execution (2560656)
- https://www.microsoft.com/technet/se.../ms11-059.mspx
Important - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS11-060 - Important
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978)
- https://www.microsoft.com/technet/se.../ms11-060.mspx
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS11-061 - Important
Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)
- https://www.microsoft.com/technet/se.../ms11-061.mspx
Important - Elevation of Privilege - May require restart - Microsoft Windows

Microsoft Security Bulletin MS11-062 - Important
Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454)
- https://www.microsoft.com/technet/se.../ms11-062.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS11-063 - Important
Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)
- https://www.microsoft.com/technet/se.../ms11-063.mspx
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS11-064 - Important
Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)
- https://www.microsoft.com/technet/se.../ms11-064.mspx
Important - Denial of Service - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS11-065 - Important
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)
- https://www.microsoft.com/technet/se.../ms11-065.mspx
Important - Denial of Service - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS11-066 - Important
Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)
- https://www.microsoft.com/technet/se.../ms11-066.mspx
Important - Information Disclosure - May require restart - Microsoft .NET Framework, Microsoft Developer Tools

Microsoft Security Bulletin MS11-067 - Important
Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)
- https://www.microsoft.com/technet/se.../ms11-067.mspx
Important - Information Disclosure - May require restart - Microsoft Developer Tools

Moderate - 2

Microsoft Security Bulletin MS11-068 - Moderate
Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)
- https://www.microsoft.com/technet/se.../ms11-068.mspx
Moderate - Denial of Service - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS11-069 - Moderate
Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)
- https://www.microsoft.com/technet/se.../ms11-069.mspx
Moderate - Information Disclosure - May require restart - Microsoft .NET Framework
___

Severity and Exploitability Index
- https://blogs.technet.com/cfs-filesy...11_2D00_xi.png

Deployment Priority
- https://blogs.technet.com/cfs-filesy...D00_deploy.png
___

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=11341
Last Updated: 2011-08-09 19:35:25 UTC
___

MSRT
- http://support.microsoft.com/?kbid=890830
August 9, 2011 - Revision: 90.0 - "... The Malicious Software Removal Tool runs in quiet mode. If it detects malicious software on your computer, the next time that you log on to your computer as a computer administrator, a balloon will appear in the notification area to make you aware of the detection..."

(Recent additions)
- http://www.microsoft.com/security/pc...-families.aspx
... added this release...
• FakeSysdef
• Hiloti

Download:
- http://www.microsoft.com/security/pc...e-removal.aspx
File Name: windows-kb890830-v3.22.exe
- https://www.microsoft.com/download/e...s.aspx?id=9905
x64 version of MSRT:
File Name: windows-kb890830-x64-v3.22.exe

MSRT August '11 ...
- https://blogs.technet.com/b/mmpc/arc...akesysdef.aspx
10 Aug 2011

.

[AplusWebMaster]

FYI...

Microsoft Security Advisory (2562937)
Update Rollup for ActiveX Kill Bits
- https://www.microsoft.com/technet/se...y/2562937.mspx
August 09, 2011 - "Microsoft is releasing a new set of ActiveX kill bits with this advisory. This update sets the kill bits for the following third-party software:
• CheckPoint SSL VPN On-Demand applications...
• ActBar... IBM...
• EBI R Web Toolkit... Honeywell..."

Microsoft Security Advisory (2269637)
Insecure Library Loading Could Allow Remote Code Execution
- https://www.microsoft.com/technet/se...y/2269637.mspx
August 09, 2011 - "... Update released on August 9, 2011
• MS11-059*, "Vulnerability in Data Access Components Could Allow Remote Code Execution," provides support for a vulnerable component of Microsoft Windows that is affected by the Insecure Library Loading class of vulnerabilities described in this advisory..."
* https://www.microsoft.com/technet/se.../ms11-059.mspx

.

[AplusWebMaster]

FYI...

MS11-043 re-released... Critical
Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)
- https://www.microsoft.com/technet/se.../MS11-043.mspx
Published: June 14, 2011 | Updated: August 09, 2011
• "V2.0 (August 9, 2011): Bulletin rereleased to reoffer the update on all supported operating systems to address a stability issue. Customers who have already successfully updated their systems should reinstall this update."

- http://support.microsoft.com/kb/2536276
Last Review: August 9, 2011 - Revision: 3.0

[AplusWebMaster]

FYI...

Microsoft Security Advisory (2607712)
Fraudulent Digital Certificates Could Allow Spoofing
- https://www.microsoft.com/technet/se...y/2607712.mspx
August 29, 2011 V2.0 - "Microsoft is aware of at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store, on all supported releases of Microsoft Windows. Although this is not a vulnerability in a Microsoft product, Microsoft is taking action to protect customers. Microsoft has been able to confirm that one digital certificate affects all subdomains of google.com and may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. Microsoft is continuing to investigate how many more certificates have been fraudulently issued. As a precautionary measure, Microsoft has removed the DigiNotar root certificate from the Microsoft Certificate Trust List. All supported editions of Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2 use the Microsoft Certificate Trust List to validate the trust of a certification authority. Users of these operating systems will be presented with an invalid certificate error when they browse to a Web site or try to install programs signed by the DigiNotar root certificate. In those cases users should follow the instructions in the message. Microsoft will release a future update to address this issue for all supported editions of Windows XP and Windows Server 2003. Microsoft is continuing to investigate this issue and may release future updates to help protect customers..."

- https://blogs.technet.com/b/msrc/arc...y-2607712.aspx

- https://blog.mozilla.com/security/20...m-certificate/
"... We have received reports of these certificates being used in the wild... we are releasing new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13, and 6.0.1) and SeaMonkey (2.3.2) shortly..."
___

- http://h-online.com/-1333088
30 August 2011