Sales
0161 215 3814
0800 953 0642
Support
0800 230 0032
0161 215 3711

July 2011 Security Bulletin Release Advance Notification

This ‘Patch Tuesday’ for July 2011, sees the release of 4 bulletins addressing 22 vulnerabilities:
Bulletin Breakdown:

  • 1 bulletin is rated Critical
  • 3 bulletins are rated Important
  • 2 vulnerabilities can lead to Remote Code Execution
  • 2 vulnerabilities can lead to Elevation of Privilege

The following table summarizes the security bulletins for this month in order of severity.

Bulletin ID Bulletin Title and Executive Summary Maximum Severity Rating and Vulnerability Impact Restart Requirement Affected Software
MS11-053 Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)This security update resolves a privately reported vulnerability in the Windows Bluetooth Stack. The vulnerability could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability only affects systems with Bluetooth capability. Critical
Remote Code Execution
Requires restart Microsoft Windows
MS11-054 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917)This security update resolves 15 privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. Important
Elevation of Privilege
Requires restart Microsoft Windows
MS11-056 Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938) This security update resolves five privately reported vulnerabilities in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS). The vulnerabilities could allow elevation of privilege if an attacker logs on to a user’s system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities. Important
Elevation of Privilege
Requires restart Microsoft Windows
MS11-055 Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847) This security update resolves a publicly disclosed vulnerability in Microsoft Visio. The vulnerability could allow remote code execution if a user opens a legitimate Visio file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Important
Remote Code Execution
May require restart Microsoft Office

 

This month sees a relatively light patch Tuesday in comparison to recent months from Microsoft

 

The full list of software affected by these updates is:

 

  • All supported Microsoft operating systems
  • Microsoft Visio 2003

We will issue further information on the impact of this month’s updates once they have been released for testing from the 13th of July.

The ‘Microsoft Security Bulletin Notification for July 2011‘ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 15th June (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

Share with:

Enjoy this article?