It is the second Tuesday of the month which means it is patch day over at Microsoft. The Redmond based company has released a total of four security bulletins that month. One bulletin has received a maximum severity rating of critical, while the three others one of important. The critical vulnerability addresses a issue in the Bluetooth stack that could allow remote code execution. Affected are only Microsoft Windows Vista and Windows 7, and not Windows XP or earlier operating systems.
Two of the three remaining vulnerabilities address issues in the Windows operating system as well. Security bulletin MS11-054 describes a vulnerability in Windows Kernel-Mode drivers that could allow elevation of privileges, while bulletin MS11-056 a vulnerability in the Windows Client and Server run-time subsystem.
All supported Microsoft client and server operating systems are affected by the two security vulnerabilities. The last issue is a vulnerability in Microsoft Visio.
Here is an overview of all four security bulletins with links to their pages at the Microsoft Technet website.
The patches are as usual already available via Windows Update, Microsoft Update and via the Microsoft Download Center. The monthly exploit mitigation guide at the Technet Security blog provides additional information about the vulnerabilities and deployment strategies.
Probably the easiest way to deploy the security updates to a single system is via Windows Update.
Just click on Start > All Programs > Windows Update to open the update screen. You may need to click on Check for updates on the left sidebar if your computer has been up for some time and the updates are not displayed directly in the main window.
Have you updated your system yet? Am I the only user who feels that Microsoft's Download Center is not usable at all at the moment?
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.