Given the nature of the changes and updates included in each of these patches, most systems will require a reboot to successfully implement any and all of the patches and updates released in this July Patch Tuesday release cycle.
Sample Results for Microsoft Update MS11-055
Below this is a snap-shot of the AOK Summary Results report from a sample AOK database and the potential issues raised with each Microsoft Security Update.
Testing Summary
- MS11-053 : Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)
- MS11-054 : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917)
- MS11-055 : Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847)?
- MS11-056 : Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)?
| Patch Name | Total Issues | Matches Affected | Reboot | Rating | RAG |
|---|---|---|---|---|---|
| Microsoft Security Bulletin MS11-053 | <1% | <1% | YES |  | |
| Microsoft Security Bulletin MS11-054 | <1% | <1% | YES | | |
| Microsoft Security Bulletin MS11-055 | <1% | <1% | YES | | |
| Microsoft Security Bulletin MS11-056 | <1% | <1% | YES | |
Legend:
| No Issues Detected |
 | Potentially fixable application Impact |
 | Serious Compatibility Issue |
Security Update Detailed Summary
| MS11-053 | Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220) |
| Description | This security update resolves a privately reported vulnerability in the Windows Bluetooth Stack. The vulnerability could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability only affects systems with Bluetooth capability. |
| Payload | Bthenum.sys, Bthport.sys, Bthusb.sys, Fsquirt.exe |
| Impact | Critical - Remote Code Execution |
| MS11-054 | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917) |
| Description | This security update resolves 15 privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. |
| Payload | Win32k.sys, W32ksign.dll |
| Impact | Important - Elevation of Privilege |
| MS11-055 | Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847)? |
| Description | This security update resolves a publicly disclosed vulnerability in Microsoft Visio. The vulnerability could allow remote code execution if a user opens a legitimate Visio file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
| Payload | Omfc.dll, Omfcu.dll_0001 |
| Impact | Important - Remote Code Execution |
| MS11-056 | Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)? |
| Description | This security update resolves five privately reported vulnerabilities in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS). The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities. |
| Payload | Csrsrv.dll, Winsrv.dll |
| Impact | Important - Elevation of Privilege |
1 comment:
My Win 7 machine, was shutdown/restarted with no warning. I'm glad I was only browsing the web. If I had been on an important conference call, or editing a big excel sheet, I had no chance.
Post a Comment