Wednesday, 11 May 2011

Microsoft Patch Tuesday: May 2011


This May Patch Tuesday brings a relatively small set of updates compared with the lists Microsoft released in January and February earlier this year. In total there are two Microsoft Security Updates: one rated Critical and one rated Important. This is a small update from Microsoft, and the potential impact of the updates is likely to be very small.
As part of the Patch Tuesday Security Update analysis performed by the ChangeBASE AOK team, we have seen very little cause for potential compatibility issues.
Given the nature of the changes and updates included in each of these patches, most systems will require a reboot to successfully implement any and all of the patches and updates released in this May Patch Tuesday release cycle.

  • Sample Results 1: MS11-035 Vulnerability in WINS Could Allow Remote Code Execution
  • Sample Results 2: MS11-036 Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution
  • Sample Results 3: AOK Summary Report Sample from a small database



Sample Image 1: MS11-035



Sample Image 1: MS11-036



Sample Image 3: Sample Summary Report Image


Testing Summary
  • MS11-035: Vulnerability in WINS Could Allow Remote Code Execution (2524426)
  • MS11-036: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814)


Patch Name | Total Issues | Matches Affected | Reboot | Rating (RAG)
Microsoft Security Bulletin MS11-035 | <1% | <1% | YES | Green
Microsoft Security Bulletin MS11-036 | <1% | <1% | YES | Green

Legend:
  • No Issue: No Issues Detected
  • Fixable: Potentially fixable application Impact
  • Serious: Serious Compatibility Issue

Security Update Detailed Summary
MS11-035: Vulnerability in WINS Could Allow Remote Code Execution (2524426)
Description: This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS). The vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. By default, WINS is not installed on any affected operating system. Only customers who manually installed this component are affected by this issue.
Payload: W03a3409.dll, Wins.exe, Winsevnt.dll, Ww03a3409.dll, Wwins.exe, Wwinsevnt.dll
Impact: Critical - Remote Code Execution

MS11-036: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814)
Description: This security update resolves two privately reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1269 and CVE-2011-1270.
Payload: Powerpnt.exe, Pp7x32.dll
Impact: Important - Remote Code Execution


*All results are based on an AOK Application Compatibility Lab’s test portfolio of over 1,000 applications.
