Microsoft March 2011 Patch Day Overview
Microsoft has released new security patches on yesterday's Patch Day that address vulnerabilities in various Microsoft products including Microsoft Windows and Microsoft Office.
The updates that have been released are already available via Windows Update and the Microsoft Download Center.
One of the vulnerabilities has a maximum severity rating of critical, the highest possible. The two remaining vulnerabilities are rated as important.
A critical vulnerability has been discovered in Windows Media that could be exploited for remote code execution. The vulnerability has been rated as critical for all Microsoft client operating systems, from Windows XP to Windows 7.
Windows Server 2008 R2 is the only server product affected, the vulnerability received a rating of important on this system.
Below are links to each security bulletin. The Bulletins offer information about the affected products, severity rating and non-affected software.
- MS11-015 - Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030) - This security update resolves one publicly disclosed vulnerability in DirectShow and one privately reported vulnerability in Windows Media Player and Windows Media Center. The more severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. In all cases, a user cannot be forced to open the file; for an attack to be successful, a user must be convinced to do so.
- MS11-017 - Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062) - This security update resolves a publicly disclosed vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.
- MS11-016 - Vulnerability in Microsoft Groove Could Allow Remote Code Execution (2494047) - This security update resolves a publicly disclosed vulnerability in Microsoft Groove that could allow remote code execution if a user opens a legitimate Groove-related file that is located in the same network directory as a specially crafted library file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Users can update their Windows operating system and Microsoft Office via Windows Update, the Microsoft Download Center or by downloading the March 2011 Security Release ISO image.
In other news, Microsoft is still working on a fix for the MHTML-related vulnerability that was discovered in January. Additional information are available at the Microsoft Security Response Center.Advertisement