Wednesday 11 May 2011

Microsoft Patch Tuesday: May 2011


With this May Microsoft Patch Tuesday update, we see a relatively small set of updates in comparison to those lists of updates released by Microsoft for the months of January and February earlier this year. In total there are two Microsoft Security Updates with the following rating; 1 Critical, and 1 rated Important. This is a small update from Microsoft and the potential impact for the updates is likely to be very small.
As part of the Patch Tuesday Security Update analysis performed by the ChangeBASE AOK team, we have seen very little cause for potential compatibility issues.
Given the nature of the changes and updates included in each of these patches, most systems will require a reboot to successfully implement any and all of the patches and updates released in this May Patch Tuesday release cycle.

  • Sample Results 1: MS11-035 Vulnerability in WINS Could Allow Remote Code Execution
  • Sample Results 2: MS11-036 Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution
  • Sample Results 3: AOK Summary Report Sample from a small database



Sample Image 1: MS11-035



Sample Image 1: MS11-036



Sample Image 3: Sample Summary Report Image


Testing Summary
  • MS11-035 : Vulnerability in WINS Could Allow Remote Code Execution (2524426)
  • MS11-036 : Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814)


Patch NameTotal
Issues
Matches
Affected
RebootRatingRAG
Microsoft Security Bulletin MS11-035<1%<1%YESGreen
Microsoft Security Bulletin MS11-036<1%<1%YESGreen

Legend:
No IssueNo Issues Detected
FixablePotentially fixable application Impact
SeriousSerious Compatibility Issue

Security Update Detailed Summary
MS11-035Vulnerability in WINS Could Allow Remote Code Execution (2524426)
DescriptionThis security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS). The vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. By default, WINS is not installed on any affected operating system. Only customers who manually installed this component are affected by this issue.
PayloadW03a3409.dll, Wins.exe, Winsevnt.dll, Ww03a3409.dll, Wwins.exe, Wwinsevnt.dll
Impact Critical - Remote Code Execution

MS11-036Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814)
DescriptionThis security update resolves two privately reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1269 and CVE-2011-1270.
PayloadPowerpnt.exe, Pp7x32.dll
Impact Important - Remote Code Execution


*All results are based on an AOK Application Compatibility Lab’s test portfolio of over 1,000 applications.

No comments: