Microsoft March 2011 Patch Day Overview
Microsoft has released new security patches on yesterday's Patch Day that address vulnerabilities in various Microsoft products including Microsoft Windows and Microsoft Office.
The updates that have been released are already available via Windows Update and the Microsoft Download Center.
One of the vulnerabilities has a maximum severity rating of critical, the highest possible. The two remaining vulnerabilities are rated as important.
A critical vulnerability has been discovered in Windows Media that could be exploited for remote code execution. The vulnerability has been rated as critical for all Microsoft client operating systems, from Windows XP to Windows 7.
Windows Server 2008 R2 is the only server product affected, the vulnerability received a rating of important on this system.
Below are links to each security bulletin. The Bulletins offer information about the affected products, severity rating and non-affected software.
- MS11-015 - Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030) - This security update resolves one publicly disclosed vulnerability in DirectShow and one privately reported vulnerability in Windows Media Player and Windows Media Center. The more severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. In all cases, a user cannot be forced to open the file; for an attack to be successful, a user must be convinced to do so.
- MS11-017 - Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062) - This security update resolves a publicly disclosed vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.
- MS11-016 - Vulnerability in Microsoft Groove Could Allow Remote Code Execution (2494047) - This security update resolves a publicly disclosed vulnerability in Microsoft Groove that could allow remote code execution if a user opens a legitimate Groove-related file that is located in the same network directory as a specially crafted library file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Users can update their Windows operating system and Microsoft Office via Windows Update, the Microsoft Download Center or by downloading the March 2011 Security Release ISO image.
In other news, Microsoft is still working on a fix for the MHTML-related vulnerability that was discovered in January. Additional information are available at the Microsoft Security Response Center.
Previous Post: « MultiScan, Scan Local Files With Multiple Antivirus Programs
Next Post: Microsoft Updates Windows To Block Fraudulent Digital Certificates »
I’ve not had an update yet! Critical! EEek! I’m sure it’ll kick in any time soon when I’m in the middle of a bit of important work.
I wish they’d change that popup thing though that says “You can continue working whilst we churn your hard drive excessively for 20 minutes whilst lulling you into a false sense of security and then we’ll ask for a reboot”.
I hate updates! They always seem to be followed by everyone else deciding they want to update too and then I have to do about 4 reboots before I can start any more!
I’m on XP still though and it’s pretty stable so I’m reluctant to upgrade to something shiny and new – especially as I’ll probably need a new computer to run the latest windows ensemble!
@Emily – You can easily change update settings from check->download->install automatically to letting you to choose when to download or when to install.
These 2 updates are for rather esoteric functions that average home users would probably never use.
” If a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file? How often do you open such a file anywhere besides your own system, assuming you’re even using your computer’s media center to record video?
” If a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file?” Any sensible user should have Remote Desktop disabled anyway. I would assume this update is targeted at corporate networks.
Thanks again Martin, for this overview from this mount Microsoft Updates. Not ferry much news under the sun, but still and the pictures who i can enlarge now are really helping.
The last thing I saw was 4 security updates processing on morning 9th March when I was shutting down the PC – on going to use the PC in the evening it won’t start saying that the NTLDR is missing and looping to this message after I use Ctrl+Alt+Del as it asks.
What do i do now to get the PC working?
Peter look here for help: http://support.microsoft.com/kb/318728
Thanks Martin for your tip – this solution is for Windows 2000 – does it still essentially work for Windows XP, which I failed to mention my PC runs on?
This page is for XP as well http://support.microsoft.com/kb/320397