With this Microsoft Patch Tuesday update, we see a relatively small set of updates in comparison to those lists of updates released by Microsoft for the month of January and February. In total there are three Microsoft Security Updates with the following rating; 1 Critical, and 2 rated Important. This is a small update from Microsoft and the potential impact for the updates is likely to be very small.
As part of the Patch Tuesday Security Update analysis performed by the ChangeBASE AOK team, we have seen very little cause for potential compatibility issues; in fact, this patch update raised no issues against our sample database.
Given the nature of the changes and updates included in each of these patches, most systems will require a reboot to successfully implement any and all of the patches and updates released in this March Patch Tuesday release cycle.
As part of the testing Summary for this March 2011 Patch Tuesday update, here is a quick snap-shot the AOK Summary results page generated from these 3 Plugins on a small sample database:
Testing Summary - MS11-015 : Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030)
- MS11-016 : Vulnerability in Microsoft Groove Could Allow Remote Code Execution (2494047)
- MS11-017 : Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062)
| Patch Name | Total
Issues | Matches
Affected | Reboot | Rating | RAG |
| Microsoft Security Bulletin MS11-015 | <1% | <1% | YES | |  |
| Microsoft Security Bulletin MS11-016 | <1% | <1% | YES | | |
| Microsoft Security Bulletin MS11-017 | <1% | <1% | YES | | |
Legend:
| No Issues Detected |
 | Potentially fixable application Impact |
 | Serious Compatibility Issue |
Security Update Detailed Summary
| MS11-015 | Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030) |
| Description | This security update resolves one publicly disclosed vulnerability in DirectShow and one privately reported vulnerability in Windows Media Player and Windows Media Center. The more severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. In all cases, a user cannot be forced to open the file; for an attack to be successful, a user must be convinced to do so. |
| Payload | Encdec.dll, Sbe.dll |
| Impact | Critical - Remote Code Execution |
| MS11-016 | Vulnerability in Microsoft Groove Could Allow Remote Code Execution (2494047) |
| Description | This security update resolves a publicly disclosed vulnerability in Microsoft Groove that could allow remote code execution if a user opens a legitimate Groove-related file that is located in the same network directory as a specially crafted library file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
| Payload | Groove.exe, Groovedocumentsharetool.dll, Grooveutil.dll, Groovewebplatformservices.dll, Groovewebservices.dll |
| Impact | Important - Remote Code Execution |
| MS11-017 | Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062) |
| Description | This security update resolves a publicly disclosed vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application. |
| Payload | 2k3mstsc.exe, 2k3mstscax.dll |
| Impact | Important - Remote Code Execution |
*All results are based on an AOK Application Compatibility Lab’s test portfolio of over 1,000 applications.
No comments:
Post a Comment