Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Microsoft Patch Tuesday - August 2011

August 10, 2011

  • Blog
  • Archive
True to form for the even months of 2011, Microsoft released thirteen security bulletins today. Of the most interest are MS11-057 (Internet Explorer) and MS11-058 (DNS Server). While it has become fairly commonplace for Microsoft to release an Internet Explorer patch every other month, this release also patches IE9 - the second time a critical vulnerability has been patched in Microsoft's latest browser since its release in March. Adobe released five security bulletins of their own today. They patched the usual suspects (Shockwave, Flash Player, Flash Media Server) plus Photoshop CS5 (memory corruption when viewing a malicious GIF file) and RoboHelp (another XSS vulnerability). Sign up for tomorrow's Vulnerability Expert Forum (VEF) for more details. The eEye Research Team will have lots to cover this month, so be sure to join us for our complete analysis. Here are our recommendations for the security updates. Retina Network Security Scanner customers can view the list of audits associated with these bulletins.
Deploy Immediately MS11-057 – Cumulative Security Update for Internet Explorer (2559049) Recommendation: Install the patch immediately to prevent exploitation by attackers. Until the patch can be installed, block ports 139 and 445 using a firewall, prevent the WebClient service from running, read emails in plain text, block ActiveX controls and block/disable Active Scripting in both Internet and Local intranet zones. Additionally, the default cookie folder should be renamed to a random name and the registry key, HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersCookies, should reflect this new name. MS11-058 – Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) Recommendation: Install the patch immediately to prevent exploitation by attackers. If the DNS service is not being used, stopping or disabling the service will help to mitigate the vulnerability. Best practices suggest disabling unused services, so any services that are not required should be disabled, as part of a standard security policy. Deploy As Soon As Possible MS11-059 – Vulnerability in Data Access Components Could Allow Remote Code Execution (2560656) Recommendation: Deploy patch as soon as possible. Until the patch can be applied, block ports 139 and 445 using a firewall, prevent the WebClient service from running, and prevent DLLs from being loaded from WebDAV and remote shares. MS11-060 – Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978) Recommendation: Deploy patch as soon as possible, since no reasonable mitigation is available. MS11-061 – Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250) Recommendation: Deploy patch as soon as possible. Until the patch can be installed, enable the XSS filter in Internet Explorer (available in versions 8 and higher). MS11-062 – Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454) Recommendation: Deploy patch as soon as possible, since no mitigation is available. MS11-063 – Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680) Recommendation: Deploy patch as soon as possible, since no mitigation is available. MS11-064 – Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894) Recommendation: Deploy patch as soon as possible. Until the patch can be installed, block ICMP packets by using a firewall. If it will not interfere with network efficiency, it is advised to disable Policy-based Quality of Service. MS11-065 – Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222) Recommendation: Deploy patch as soon as possible. Until the patch can be applied, block TCP port 3389 using a firewall, and disable any unused remote access services (such as Terminal Services, Remote Desktop, Remote Assistance, and Remote Web Workplace). MS11-066 – Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943) Recommendation: Deploy patch as soon as possible, since no mitigation is available. MS11-067 – Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230) Recommendation: Deploy patch as soon as possible. Until the patch can be installed, block ActiveX controls and block/disable Active Scripting in both Internet and Local intranet zones. Deploy At Earliest Convenience MS11-068 – Vulnerability in Windows Kernel Could Allow Denial of Service (2556532) Recommendation: Deploy patch at the earliest convenience. Until the patch can be applied, block ports 139 and 445 using a firewall, prevent the WebClient service from running, and disable both the Preview and Details Pane in Windows Explorer. MS11-069 – Vulnerability in .NET Framework Could Allow Information Disclosure (2567951) Recommendation: Deploy patch at the earliest convenience. Until the patch can be installed, prevent XAML browser applications from running within Internet Explorer, since this is the most likely target for exploiting this vulnerability.

Chris Silva,

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

A Zero Trust Approach to Secure Access

Webcasts

Rising CISOs: Ransomware, Cyber Extortion, Cloud Compromise, oh my!

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.