Microsoft April 2011 Patch Day Overview
Yesterday's monthly patch day was a big one, with 17 bulletins fixing a total of 64 security issues in Microsoft products.
Affected applications include Microsoft Windows, Microsoft Office and Internet Explorer.
If you look closer you notice that nine of the 17 patches have a maximum severity rating of critical, the highest possible rating. This means that at least one Microsoft service or product is affected by it this way with others either affected in the same way, to a lesser degree or not at all.
The remaining patches have a rating of important.
When you look at the number of critical vulnerabilities of each individual operating system you will notice that Windows Vista leads the pack with nine critical security vulnerabilities followed by Windows 7 with eight and Windows XP with seven.
- MS11-018 - Cumulative Security Update for Internet Explorer (2497640 ) - critical - Remote Code Execution
- MS11-019 - Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455) - critical - Remote Code Execution
- MS11-020 - Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) - critical - Remote Code Execution
- MS11-027 - Cumulative Security Update of ActiveX K ill Bits (2508272) - critical - Remote Code Execution
- MS11-028 - Vulnerability in .NET Framew ork Could Allow Remote Code Execution (2484015) - critical - Remote Code Execution
- MS11-029 - Vulnerability in GDI+ Could Allow Remote Code Execution (2489979) - critical - Remote Code Execution
- MS11-030 - Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553) - critical - Remote Code Execution
- MS11-031 - Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666) - critical - Remote Code Execution
- MS11-032 - Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618) - critical - Remote Code Execution
- MS11-021 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279) - important - Remote Code Execution
- MS11-022 - Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2489283) - important - Remote Code Execution
- MS11-023 - Vulnerabilities in Microsoft Office Could Allow Remote Code E xecution (2489293) - important - Remote Code Execution
- MS11-024 - Vulnerabilities in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308) - important - Remote Code Execution
- MS11-025 - Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212) - important - Remote Code Execution
- MS11-026 - Vulnerability in MHTML Could Allow Information Disclosure (2503658) - important - Information Disclosure
- MS11-033 - Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663) - Important - Remote Code Execution
- MS11-034 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223) - Important - Elevation of Privilege
The security patches protect the system against remote code execution, information disclosure and elevation of privileges.
You find information about each individual security bulletin, their severity rating and impact over at the Microsoft Security Bulletin Summary for April 2011.
Another interesting read is the risk assessment of April's security updates. Microsoft is aware that some issues are already exploited, while others are likely to be exploited in the coming 30 days.
Windows Updates are as usually available on various channels. Most Windows users are probably using automatic updates to install the new patches.
Those who do not can check manually for updates or visit the Microsoft Download Center to download the patches individually. Another option is to download the April Security Release ISO which contains all Windows patches released in April.
I got updates for Net Framework 4, which I have installed, but also for Net Framework 3.51 which I don’t have installed…is this normal?
I didn’t install the 3.51 update for the moment but I still get prompted for it: what do you guys suggest I should do?
Thanks :)
I got 30 updates myself, took it 2+ hours and a couple restarts…..
Another patch Tuesday ruining my productivity.
Hi Martin, Thanks again for this ferry clarifying monthly update bulletin with all the good leads and tips. Strange thing this mounth is that i got two times the update for Microsoft outlook social connector (KB2289116) installed, for main 64 bit Microsoft office professional plus 2010. I still not know why that is?
Huh, I (from germany) had on windows 7 home premium 24 updates
The number of updates for your system depend highly on the installed software and versions. No one gets all 60+ patches.
Ah! Thanks.