Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Microsoft Patch Tuesday - June 2011

June 15, 2011

  • Blog
  • Archive
Another even month, another huge security bulletin release by Microsoft. Those who took my advice and convinced their bosses to let them take vacation this month avoided 16 security bulletins - hopefully your co-workers will have them fully tested and deployed before you return. For those of us not sitting on a beach somewhere, there is lots of work to be done. Not only did Microsoft release bulletins today, but it is also the quarterly release of Adobe security bulletins - patching Flash, Shockwave, Acrobat, Acrobat Reader, LiveCycle and ColdFusion. Tomorrow's Vulnerability Expert Forum (VEF) should be a good one. The eEye Research Team will have lots to cover this month, so be sure to join us for our complete anlaysis. Here are our recommendations for the sixteen security updates. Retina Network Security Scanner customers can view the list of audits associated with these bulletins.
Deploy Immediately MS11-038 – Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490) Recommendation: Deploy patches immediately to prevent exploitation by attackers. Until the patches can be installed, prevent access to vbscript.dll, read emails in plain text, block ActiveX controls and block/disable Active Scripting in both Internet and Local Internet zones. MS11-039 – Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842) Recommendation: Deploy patches immediately to prevent exploitation by attackers. Until the patches can be installed, prevent partially trusted .NET applications from running, by using the caspol command. Prevent Internet Explorer, Firefox, and Chrome from running XAML applications. MS11-040 – Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426) Recommendation: Deploy patches immediately to prevent exploitation by attackers. Until the patches can be installed, prevent the TMG Client from being used by disabling it. MS11-042 – Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512) Recommendation: Deploy patches immediately as no forms of mitigation are available. MS11-043 – Vulnerability in SMB Client Could Allow Remote Code Execution (2536276) Recommendation: Deploy patches immediately to prevent exploitation by attackers. Until the patches can be installed, block ports 139 and 445 at the network perimeter. MS11-045 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146) Recommendation: Deploy patches immediately to prevent exploitation by attackers. Until the patches can be installed, administrators can set a Microsoft Office File Block Policy to block all files from Office 2003 and earlier from unknown and untrusted sources. Additionally, files that do not pass Office File validation should be prevented from opening. CVE-2011-1275, CVE-2011-1277, and CVE-2011-1278 have no reasonable mitigations, so patching is the only way to protect against these vulnerabilities. MS11-046 – Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665) Recommendation: Deploy patches immediately as no forms of mitigation are available. MS11-050 – Cumulative Security Update for Internet Explorer (2530548) Recommendation: Deploy patches immediately to prevent exploitation by attackers. Until the patches can be installed, read emails in plain text, block ActiveX controls and block/disable Active Scripting in both Internet and Local Internet zones. MS11-052 – Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521) Recommendation: Deploy patches immediately to prevent exploitation by attackers. Until the patches can be installed, read emails in plain text, block ActiveX controls and block/disable Active Scripting in both Internet and Local Internet zones.
Deploy As Soon As Possible MS11-041 – Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694) Recommendation: Deploy patches as soon as possible. Until the patches can be installed, disable the Preview Pane in Windows Explorer, the Details Pane in Windows Explorer, and the WebClient Service. MS11-044 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814) Recommendation: Deploy patches as soon as possible. Until the patches can be installed, prevent partially trusted .NET applications from running, by using the caspol command. Prevent Internet Explorer, Firefox, and Chrome from running XAML applications. MS11-048 – Vulnerability in SMB Server Could Allow Denial of Service (2536275) Recommendation: Deploy patches as soon as possible. Until the patches can be installed, block ports 139 and 445 at the network perimeter.
Deploy At Earliest Convenience MS11-037 – Vulnerability in MHTML Could Allow Information Disclosure (2544893) Recommendation: Deploy patches at the earliest convenience. Until the patches can be installed, disable the MHTML handler by deleting the HKCRPROTOCOLSHandlermhtml registry key. MS11-047 – Vulnerability in Hyper-V Could Allow Denial of Service (2525835) Recommendation: Deploy patches at the earliest convenience as no forms of mitigation are available. MS11-049 – Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) Recommendation: Deploy patches at the earliest convenience as no forms of mitigation are available. MS11-051 – Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295) Recommendation: Deploy patches at the earliest convenience. Until the patches can be installed, turn on the IE8/9 XSS filter for the Intranet Zone.

Chris Silva,

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

A Zero Trust Approach to Secure Access

Webcasts

Rising CISOs: Ransomware, Cyber Extortion, Cloud Compromise, oh my!

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.