PCSentry

Software Updates – June 17, 2011

PCSentry — Fri, 17 Jun 2011 13:57:10 +0000

Security updates for the following applications have been released:

Adobe Acrobat 10.1.0 Pro and Standard
Adobe Acrobat 8.3.0 Pro and Standard
Adobe Acrobat 9.4.5 Pro and Standard
Adobe Air 2.7.0.19480
Adobe Flash Player 10.3.181.26
Adobe Flash Player 10.3.181.26 for Firefox, Safari, Opera
Adobe Reader 10.1.0
Adobe Reader 8.3.0
Adobe Reader 9.4.5
Adobe Shockwave Player 11.6.0.626
Google Chrome 12.0.742.100 – Stable channel – System level install
Skype 5.3.0.120
WinRAR 4.00 x32
WinRAR 4.00 x64
WinRAR 3.93 x32
WinRAR 3.93 x64
WinZip 15.5.9510

For devices part of PCSentry’s automatic update process, applicable security updates will be automatically downloaded and installed according to the following schedule:

TEST devices on Monday, June 20, 2011
PROD devices on Wednesday, June 22, 2011

If you desire an accelerated deployment of these updates, please contact PCSentry via email or log a service request. For devices that are not on an automatic update schedule, please submit a request to install the updates at your convenience.

If the installation of updates causes instability or other issues on TEST devices, contact PCSentry as soon as possible to delay the installation of updates on PROD devices.

More information on each product update

Bulletin ID: APSB11-16	Title: Adobe Acrobat 10.1.0 Pro and Standard	Severity: Critical
The Adobe Acrobat 10.1.0 Pro and Standard update addresses a critical security vulnerability. Please see Security Bulletin APSB11-16 for details.
Applies to: Adobe Acrobat Pro and Standard

Bulletin ID: APSB11-16	Title: Adobe Acrobat 8.3.0 Pro and Standard	Severity: Critical
The Adobe Acrobat 8.3.0 Pro and Standard update addresses a critical security vulnerability. Please see Security Bulletin APSB11-16 for details.
Applies to: Adobe Acrobat Pro and Standard

Bulletin ID: APSB11-16	Title: Adobe Acrobat 9.4.5 Pro and Standard	Severity: Critical
The Adobe Acrobat 9.4.5 Pro and Standard update addresses a critical security vulnerability. Please see Security Bulletin APSB11-16 for details.
Applies to: Adobe Acrobat Pro and Standard

Bulletin ID: ADOBEAIR27	Title: Adobe Air 2.7.0.19480	Severity: Critical
Adobe Air 2.7 includes fixes that improve the security, stability, performance, and compatibility of AIR.
Applies to: Adobe Air

Bulletin ID: APSB11-18	Title: Adobe Flash Player 10.3.181.26	Severity: Critical
This release contains fixes for critical vulnerabilities identified in Security Bulletin APSB11-18. All users are encouraged to update to the new players version 10.3.181.26.
Applies to: Adobe Flash Player 10

Bulletin ID: APSB11-18	Title: Adobe Flash Player 10.3.181.26 for Firefox, Safari, Opera	Severity: Critical
This release contains fixes for critical vulnerabilities identified in Security Bulletin APSB11-18. All users are encouraged to update to the new players version 10.3.181.26.
Applies to: Adobe Flash Player 10

Bulletin ID: APSB11-16	Title: Adobe Reader 10.1.0	Severity: Critical
Critical vulnerabilities have been identified in Adobe Reader X and earlier versions. Adobe recommends users of Adobe Reader X and earlier versions for Windows update to Adobe Reader X .
Applies to: Adobe Reader

Bulletin ID: APSB11-16	Title: Adobe Reader 8.3.0	Severity: Critical
The Adobe Reader 8.3.0 update addresses a critical security vulnerability. Please see Security Bulletin APSB11-16 for details.
Applies to: Adobe Reader

Bulletin ID: APSB11-16	Title: Adobe Reader 9.4.5	Severity: Critical
The Adobe Reader 9.4.5 update addresses a critical security vulnerability. Please see Security Bulletin APSB11-16 for details.
Applies to: Adobe Reader

Bulletin ID: APSB11-17	Title: Adobe Shockwave Player 11.6.0.626	Severity: Critical
Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.9.620 and earlier versions on the Windows and Macintosh operating systems. These vulnerabilities could allow an attacker, who successfully exploits them, to run malicious code on the affected system.
Applies to: Adobe Shockwave Player

Bulletin ID: GC_12_0_742_100	Title: Google Chrome 12.0.742.100 – Stable channel – System level install	Severity: Critical
This release contains an updated version of Adobe Flash.
Applies to: Google Chrome

Bulletin ID: SKYPE530120	Title: Skype 5.3.0.120	Severity:
With this newly released build the Extras Manager from Skype was removed, there are also the stability improvements.
Applies to: Skype

Bulletin ID: winrar400	Title: WinRAR 4.00 x32	Severity: Critical
This latest version of WinRAR decompresses multimedia files 30% faster, saves your archive passwords for reuse and offers optimized Unicode support.
Applies to: WinRAR

Bulletin ID: winrar400	Title: WinRAR 4.00 x64	Severity: Critical
This latest version of WinRAR decompresses multimedia files 30% faster, saves your archive passwords for reuse and offers optimized Unicode support.
Applies to: WinRAR

Bulletin ID: winrar393	Title: WinRAR 3.93 x32	Severity: Critical
In the release 3.93 bugs in the switches have been fixed, please see newsletter for the details.
Applies to: WinRAR

Bulletin ID: winrar393	Title: WinRAR 3.93 x64	Severity: Critical
In the release 3.93 bugs in the switches have been fixed, please see newsletter for the details.
Applies to: WinRAR

Bulletin ID: WINZIP1559510	Title: WinZip 15.5.9510	Severity:
WinZip 15.5 provides even faster zipping technology, improved usability, and extended functionality.
Applies to: WinZip

Microsoft Updates – June 2011

PCSentry — Wed, 15 Jun 2011 01:33:27 +0000

Microsoft June 2011 Security Updates Supported:

MS11-037 – Vulnerability in MHTML Could Allow Information Disclosure (2544893)
MS11-038 – Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)
MS11-039 – Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)
MS11-040 – Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426)
MS11-041 – Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694)
MS11-042 – Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)
MS11-043 – Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)
MS11-044 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)
MS11-045 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146)
MS11-046 – Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665)
MS11-047 – Vulnerability in Hyper-V Could Allow Denial of Service (2525835)
MS11-048 – Vulnerability in SMB Server Could Allow Denial of Service (2536275)
MS11-049 – Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)
MS11-050 – Cumulative Security Update for Internet Explorer (2530548)
MS11-051 – Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)
MS11-052 – Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)

More Information:
MS11-037
Severity Rating: Important
Vulnerability in MHTML Could Allow Information Disclosure (2544893)

Description:

This security update resolves a publicly disclosed vulnerability in the MHTML protocol handler in Microsoft Windows. The vulnerability could allow information disclosure if a user opens a specially crafted URL from an attacker’s web site. An attacker would have to convince the user to visit the web site, typically by getting them to follow a link in an e-mail message or Instant Messenger message. This security update is rated Important for all supported editions of Windows XP, Windows Vista, and Windows 7, and is rated Low for all supported editions of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2.

Included Updates:

Security Update for Windows XP x64 Edition (KB2544893)
Security Update for Windows XP (KB2544893)
Security Update for Windows Vista for x64-based Systems (KB2544893)
Security Update for Windows Vista (KB2544893)
Security Update for Windows Server 2008 x64 Edition (KB2544893)
Security Update for Windows Server 2008 R2 x64 Edition (KB2544893)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2544893)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2544893)
Security Update for Windows Server 2008 (KB2544893)
Security Update for Windows Server 2003 x64 Edition (KB2544893)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2544893)
Security Update for Windows Server 2003 (KB2544893)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2544893)
Security Update for Windows Embedded Standard 7 (KB2544893)
Security Update for Windows 7 for x64-based Systems (KB2544893)
Security Update for Windows 7 (KB2544893)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-037.mspx
MS11-038
Severity Rating: Critical
Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile (WMF) image. In all cases, however, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to convince users to visit a malicious Web site, typically by getting them to click a link in an e-mail message or Instant Messenger request. This security update is rated Critical for all supported versions of Microsoft Windows.

Included Updates:

Security Update for Windows XP x64 Edition (KB2476490)
Security Update for Windows XP (KB2476490)
Security Update for Windows Vista for x64-based Systems (KB2476490)
Security Update for Windows Vista (KB2476490)
Security Update for Windows Server 2008 x64 Edition (KB2476490)
Security Update for Windows Server 2008 R2 x64 Edition (KB2476490)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2476490)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2476490)
Security Update for Windows Server 2008 (KB2476490)
Security Update for Windows Server 2003 x64 Edition (KB2476490)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2476490)
Security Update for Windows Server 2003 (KB2476490)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2476490)
Security Update for Windows Embedded Standard 7 (KB2476490)
Security Update for Windows 7 for x64-based Systems (KB2476490)
Security Update for Windows 7 (KB2476490)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-038.mspx
MS11-039
Severity Rating: Critical
Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)

Description:

This security update resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. This security update is rated Critical for all affected releases of Microsoft .NET Framework for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2; and Microsoft Silverlight 4.

Included Updates:

Security Update for Microsoft Silverlight (KB2512827)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 for Itanium-based Systems (KB2478658)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2478658)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP for x64-based Systems (KB2478658)
Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 for x64-based Systems (KB2478657)
Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 x86 (KB2478657)
Security Update for .NET Framework 3.5 and Windows Server 2008 for Itanium-based Systems (KB2478657)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2478663)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2478663)
Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 for Itanium-based Systems (KB2478663)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 SP1 for Itanium-based Systems (KB2478662)
Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2478662)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2478662)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems (KB2478661)
Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB2478661)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2478661)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2478660)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2478660)
Security Update for .NET Framework 3.5 SP1 and Windows Server 2008 SP2 for Itanium-based Systems (KB2478660)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2478659)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 for x64-based Systems (KB2478659)
Security Update for .NET Framework 3.5 SP1 on Windows Server 2008 for Itanium-based Systems (KB2478659)
Security Update for .NET Framework 3.5 on Windows Server 2003 for Itanium-based Systems (KB2478656)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP x86 (KB2478656)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP for x64-based Systems (KB2478656)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-039.mspx
MS11-040
Severity Rating: Critical
Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426)

Description:

This security update resolves a privately reported vulnerability in the Microsoft Forefront Threat Management Gateway (TMG) 2010 Client, formerly named the Microsoft Forefront Threat Management Gateway Firewall Client. The vulnerability could allow remote code execution if an attacker leveraged a client computer to make specific requests on a system where the TMG firewall client is used. This security update is rated Critical for Microsoft Forefront Threat Management Gateway 2010 Client.

Included Updates:

Security Update for Forefront TMG Client (KB 2520426)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-040.mspx
MS11-041
Severity Rating: Critical
Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a network share (or visits a web site that points to a network share) containing a specially crafted OpenType font (OTF). In all cases, however, an attacker would have no way to force a user to visit such a web site or network share. Instead, an attacker would have to convince a user to visit the web site or network share, typically by getting them to click a link in an e-mail message or Instant Messenger message. This security update is rated Critical for all supported editions, except for 32-bit editions, of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2; and Important for all supported editions, except for 32-bit editions, of Windows XP and Windows Server 2003.

Included Updates:

Security Update for Windows XP x64 Edition (KB2525694)
Security Update for Windows Server 2003 x64 Edition (KB2525694)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2525694)
Security Update for Windows Vista for x64-based Systems (KB2525694)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2525694)
Security Update for Windows Server 2008 R2 x64 Edition (KB2525694)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2525694)
Security Update for Windows Server 2008 x64 Edition (KB2525694)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2525694)
Security Update for Windows 7 for x64-based Systems (KB2525694)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-041.mspx
MS11-042
Severity Rating: Critical
Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)

Description:

This security update resolves two privately reported vulnerabilities in the Microsoft Distributed File System (DFS). The more severe of these vulnerabilities could allow remote code execution when an attacker sends a specially crafted DFS response to a client-initiated DFS request. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. This security update is rated Critical for all supported editions of Windows XP and Windows Server 2003, and is rated Important for all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Included Updates:

Security Update for Windows Vista for x64-based Systems (KB2535512)
Security Update for Windows Vista (KB2535512)
Security Update for Windows Server 2008 x64 Edition (KB2535512)
Security Update for Windows Server 2008 R2 x64 Edition (KB2535512)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2535512)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2535512)
Security Update for Windows Server 2008 (KB2535512)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2535512)
Security Update for Windows Embedded Standard 7 (KB2535512)
Security Update for Windows 7 for x64-based Systems (KB2535512)
Security Update for Windows 7 (KB2535512)
Security Update for Windows XP x64 Edition (KB2535512)
Security Update for Windows XP (KB2535512)
Security Update for Windows Server 2003 x64 Edition (KB2535512)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2535512)
Security Update for Windows Server 2003 (KB2535512)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-042.mspx
MS11-043
Severity Rating: Critical
Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit the vulnerability, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server. This security update is rated Critical for all supported releases of Microsoft Windows.

Included Updates:

Security Update for Windows XP x64 Edition (KB2536276)
Security Update for Windows XP (KB2536276)
Security Update for Windows Vista for x64-based Systems (KB2536276)
Security Update for Windows Vista (KB2536276)
Security Update for Windows Server 2008 x64 Edition (KB2536276)
Security Update for Windows Server 2008 R2 x64 Edition (KB2536276)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2536276)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2536276)
Security Update for Windows Server 2008 (KB2536276)
Security Update for Windows Server 2003 x64 Edition (KB2536276)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2536276)
Security Update for Windows Server 2003 (KB2536276)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2536276)
Security Update for Windows Embedded Standard 7 (KB2536276)
Security Update for Windows 7 for x64-based Systems (KB2536276)
Security Update for Windows 7 (KB2536276)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-043.mspx
MS11-044
Severity Rating: Critical
Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)

Description:

This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. This security update is rated Critical for all affected releases of Microsoft .NET Framework for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Included Updates:

Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 for x64-based Systems (KB2518863)
Security Update for .NET Framework 3.5 and Windows Server 2008 for Itanium-based Systems (KB2518863)
Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 x86 (KB2518863)
Security Update for .NET Framework 3.5 on Windows Server 2003 for Itanium-based Systems (KB2530095)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP x86 (KB2530095)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP for x64-based Systems (KB2530095)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2518870)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2518870)
Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 for Itanium-based Systems (KB2518870)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 SP1 for Itanium-based Systems (KB2518869)
Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2518869)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2518869)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems (KB2518867)
Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB2518867)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2518867)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2518866)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2518866)
Security Update for .NET Framework 3.5 SP1 and Windows Server 2008 SP2 for Itanium-based Systems (KB2518866)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2518865)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 for x64-based Systems (KB2518865)
Security Update for .NET Framework 3.5 SP1 on Windows Server 2008 for Itanium-based Systems (KB2518865)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 for Itanium-based Systems (KB2518864)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2518864)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP for x64-based Systems (KB2518864)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-044.mspx
MS11-045
Severity Rating: Important
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146)

Description:

This security update resolves eight privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1272, CVE-2011-1273, and CVE-2011-1279. See the section, Frequently Asked Questions (FAQ) Related to This Security Update, for more information about how the Office File Validation feature can be configured to block the attack vectors. Microsoft Excel 2010 is only affected by CVE-2011-1273 described in this bulletin. The automated Microsoft Fix it solution, “Disable Edit in Protected View for Excel 2010,” available in Microsoft Knowledge Base Article 2501584, blocks the attack vectors for exploiting CVE-2011-1273. This security update is rated Important for all supported editions of Microsoft Excel 2002, Microsoft Excel 2003, Microsoft Excel 2007, Microsoft Excel 2010, Microsoft Office 2004 for Mac, Microsoft Office 2008 for Mac, and Microsoft Office for Mac 2011; Open XML File Format Converter for Mac; and all supported versions of Microsoft Excel Viewer and Microsoft Office Compatibility Pack.

Included Updates:

Security Update for Microsoft Excel 2002 (KB2541003)
Security Update for Microsoft Excel 2010 (KB2523021), 64-Bit Edition
Security Update for Microsoft Excel 2010 (KB2523021), 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for the 2007 Microsoft Office System (KB2541012)
Security Update for Microsoft Office Excel Viewer (KB2541015)
Security Update for Microsoft Office Excel 2003 (KB2541025)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-045.mspx
MS11-046
Severity Rating: Important
Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665)

Description:

This security update resolves a publicly disclosed vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user’s system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability. This security update is rated Important for all supported versions of Microsoft Windows.

Included Updates:

Security Update for Windows XP x64 Edition (KB2503665)
Security Update for Windows XP (KB2503665)
Security Update for Windows Vista for x64-based Systems (KB2503665)
Security Update for Windows Vista (KB2503665)
Security Update for Windows Server 2008 x64 Edition (KB2503665)
Security Update for Windows Server 2008 R2 x64 Edition (KB2503665)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2503665)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2503665)
Security Update for Windows Server 2008 (KB2503665)
Security Update for Windows Server 2003 x64 Edition (KB2503665)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2503665)
Security Update for Windows Server 2003 (KB2503665)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2503665)
Security Update for Windows Embedded Standard 7 (KB2503665)
Security Update for Windows 7 for x64-based Systems (KB2503665)
Security Update for Windows 7 (KB2503665)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-046.mspx
MS11-047
Severity Rating: Important
Vulnerability in Hyper-V Could Allow Denial of Service (2525835)

Description:

This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users. This security update is rated Important for all supported x64-based editions of Windows Server 2008 and Windows Server 2008 R2.

Included Updates:

Security Update for Windows Server 2008 x64 Edition (KB2525835)
Security Update for Windows Server 2008 R2 x64 Edition (KB2525835)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-047.mspx
MS11-048
Severity Rating: Important
Vulnerability in SMB Server Could Allow Denial of Service (2536275)

Description:

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit this vulnerability. This security update is rated Important for all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Included Updates:

Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2536275)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2536275)
Security Update for Windows Embedded Standard 7 (KB2536275)
Security Update for Windows Server 2008 R2 x64 Edition (KB2536275)
Security Update for Windows 7 for x64-based Systems (KB2536275)
Security Update for Windows 7 (KB2536275)
Security Update for Windows Vista for x64-based Systems (KB2536275)
Security Update for Windows Vista (KB2536275)
Security Update for Windows Server 2008 x64 Edition (KB2536275)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2536275)
Security Update for Windows Server 2008 (KB2536275)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-048.mspx
MS11-049
Severity Rating: Important
Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)

Description:

This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system. This security update is rated Important for all supported editions of Microsoft InfoPath 2007 and Microsoft InfoPath 2010; all supported editions of SQL Server 2005, SQL Server 2008, and SQL Server 2008 R2; and all supported editions of Microsoft Visual Studio 2005, Microsoft Visual Studio 2008, and Microsoft Visual Studio 2010.

Included Updates:

Security Update for SQL Server 2008 R2 (KB2494086)
Security Update for SQL Server 2008 R2 (KB2494088)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft InfoPath 2010 (KB2510065), 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2510065), 64-Bit Edition
Security Update for Microsoft Visual Studio 2010 XML Editor (KB2251489)
Security Update for Microsoft Visual Studio 2008 Service Pack 1 XML Editor (KB2251487)
Security Update for Microsoft Visual Studio 2005 Service Pack 1 XML Editor (KB2251481)
Security Update for SQL Server 2008 Service Pack 2 (KB2494094)
Security Update for SQL Server 2008 Service Pack 2 (KB2494089)
Security Update for SQL Server 2008 Service Pack 1 (KB2494100)
Security Update for SQL Server 2008 Service Pack 1 (KB2494096)
Security Update for SQL Server 2005 Service Pack 4 (KB2546869)
Security Update for SQL Server 2005 Service Pack 3 (KB2546869)
Security Update for SQL Server 2005 Service Pack 4 Failover Clustering (KB2494123)
Security Update for SQL Server 2005 Service Pack 4 (KB2494123)
Security Update for SQL Server 2005 Service Pack 4 Failover Clustering (KB2494120)
Security Update for SQL Server 2005 Service Pack 4 (KB2494120)
Security Update for SQL Server 2005 Service Pack 3 Failover Clustering (KB2494112)
Security Update for SQL Server 2005 Service Pack 3 (KB2494112)
Security Update for SQL Server 2005 Service Pack 3 Failover Clustering (KB2494113)
Security Update for SQL Server 2005 Service Pack 3 (KB2494113)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-049.mspx
MS11-050
Severity Rating: Critical
Cumulative Security Update for Internet Explorer (2530548)

Description:

This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Internet Explorer 6 on Windows clients, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9; and Moderate for Internet Explorer 6 on Windows servers.

Included Updates:

Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 R2 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows 7 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 R2 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 R2 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Embedded Standard 7 for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Embedded Standard 7 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB2530548)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-050.mspx
MS11-051
Severity Rating: Important
Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)

Description:

This security update resolves a privately reported vulnerability in Active Directory Certificate Services Web Enrollment. The vulnerability is a cross-site scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the site in the context of the target user. An attacker who successfully exploited this vulnerability would need to send a specially crafted link and convince a user to click the link. In all cases, however, an attacker would have no way to force a user to visit the Web site. Instead, an attacker would have to persuade a user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the vulnerable Web site. This security update is rated Important for all supported editions, except Itanium, of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2.

Included Updates:

Security Update for Windows Server 2008 x64 Edition (KB2518295)
Security Update for Windows Server 2008 R2 x64 Edition (KB2518295)
Security Update for Windows Server 2008 (KB2518295)
Security Update for Windows Server 2003 x64 Edition (KB2518295)
Security Update for Windows Server 2003 (KB2518295)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-051.mspx
MS11-052
Severity Rating: Critical
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)

Description:

This security update resolves a privately reported vulnerability in the Microsoft implementation of Vector Markup Language (VML). This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients; and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers. Internet Explorer 9 is not affected by the vulnerability.

Included Updates:

Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows XP (KB2544521)
Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2544521)
Security Update for Internet Explorer 8 for Windows Vista (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 R2 x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 R2 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2003 (KB2544521)
Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521)
Security Update for Internet Explorer 8 for Windows 7 (KB2544521)
Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB2544521)
Security Update for Internet Explorer 7 for Windows XP (KB2544521)
Security Update for Internet Explorer 7 for Windows Vista for x64-based Systems (KB2544521)
Security Update for Internet Explorer 7 for Windows Vista (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2008 x64 Edition (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2008 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2008 (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2003 (KB2544521)
Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB2544521)
Security Update for Internet Explorer 6 for Windows XP (KB2544521)
Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB2544521)
Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 6 for Windows Server 2003 (KB2544521)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-052.mspx

New Security Updates Supported:

MS11-037 – Vulnerability in MHTML Could Allow Information Disclosure (2544893)
MS11-038 – Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)
MS11-039 – Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)
MS11-040 – Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426)
MS11-041 – Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694)
MS11-042 – Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)
MS11-043 – Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)
MS11-044 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)
MS11-045 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146)
MS11-046 – Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665)
MS11-047 – Vulnerability in Hyper-V Could Allow Denial of Service (2525835)
MS11-048 – Vulnerability in SMB Server Could Allow Denial of Service (2536275)
MS11-049 – Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)
MS11-050 – Cumulative Security Update for Internet Explorer (2530548)
MS11-051 – Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)
MS11-052 – Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)

More Information:

MS11-037
Severity Rating: Important
Vulnerability in MHTML Could Allow Information Disclosure (2544893)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2544893)
Security Update for Windows XP (KB2544893)
Security Update for Windows Vista for x64-based Systems (KB2544893)
Security Update for Windows Vista (KB2544893)
Security Update for Windows Server 2008 x64 Edition (KB2544893)
Security Update for Windows Server 2008 R2 x64 Edition (KB2544893)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2544893)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2544893)
Security Update for Windows Server 2008 (KB2544893)
Security Update for Windows Server 2003 x64 Edition (KB2544893)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2544893)
Security Update for Windows Server 2003 (KB2544893)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2544893)
Security Update for Windows Embedded Standard 7 (KB2544893)
Security Update for Windows 7 for x64-based Systems (KB2544893)
Security Update for Windows 7 (KB2544893)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-037.mspx

MS11-038
Severity Rating: Critical
Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2476490)
Security Update for Windows XP (KB2476490)
Security Update for Windows Vista for x64-based Systems (KB2476490)
Security Update for Windows Vista (KB2476490)
Security Update for Windows Server 2008 x64 Edition (KB2476490)
Security Update for Windows Server 2008 R2 x64 Edition (KB2476490)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2476490)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2476490)
Security Update for Windows Server 2008 (KB2476490)
Security Update for Windows Server 2003 x64 Edition (KB2476490)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2476490)
Security Update for Windows Server 2003 (KB2476490)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2476490)
Security Update for Windows Embedded Standard 7 (KB2476490)
Security Update for Windows 7 for x64-based Systems (KB2476490)
Security Update for Windows 7 (KB2476490)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-038.mspx

MS11-039
Severity Rating: Critical
Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)

Description:

Included Updates:

Security Update for Microsoft Silverlight (KB2512827)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 for Itanium-based Systems (KB2478658)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2478658)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP for x64-based Systems (KB2478658)
Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 for x64-based Systems (KB2478657)
Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 x86 (KB2478657)
Security Update for .NET Framework 3.5 and Windows Server 2008 for Itanium-based Systems (KB2478657)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2478663)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2478663)
Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 for Itanium-based Systems (KB2478663)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 SP1 for Itanium-based Systems (KB2478662)
Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2478662)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2478662)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems (KB2478661)
Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB2478661)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2478661)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2478660)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2478660)
Security Update for .NET Framework 3.5 SP1 and Windows Server 2008 SP2 for Itanium-based Systems (KB2478660)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2478659)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 for x64-based Systems (KB2478659)
Security Update for .NET Framework 3.5 SP1 on Windows Server 2008 for Itanium-based Systems (KB2478659)
Security Update for .NET Framework 3.5 on Windows Server 2003 for Itanium-based Systems (KB2478656)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP x86 (KB2478656)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP for x64-based Systems (KB2478656)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-039.mspx

MS11-040
Severity Rating: Critical
Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426)

Description:

Included Updates:

Security Update for Forefront TMG Client (KB 2520426)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-040.mspx

MS11-041
Severity Rating: Critical
Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2525694)
Security Update for Windows Server 2003 x64 Edition (KB2525694)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2525694)
Security Update for Windows Vista for x64-based Systems (KB2525694)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2525694)
Security Update for Windows Server 2008 R2 x64 Edition (KB2525694)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2525694)
Security Update for Windows Server 2008 x64 Edition (KB2525694)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2525694)
Security Update for Windows 7 for x64-based Systems (KB2525694)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-041.mspx

MS11-042
Severity Rating: Critical
Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)

Description:

Included Updates:

Security Update for Windows Vista for x64-based Systems (KB2535512)
Security Update for Windows Vista (KB2535512)
Security Update for Windows Server 2008 x64 Edition (KB2535512)
Security Update for Windows Server 2008 R2 x64 Edition (KB2535512)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2535512)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2535512)
Security Update for Windows Server 2008 (KB2535512)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2535512)
Security Update for Windows Embedded Standard 7 (KB2535512)
Security Update for Windows 7 for x64-based Systems (KB2535512)
Security Update for Windows 7 (KB2535512)
Security Update for Windows XP x64 Edition (KB2535512)
Security Update for Windows XP (KB2535512)
Security Update for Windows Server 2003 x64 Edition (KB2535512)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2535512)
Security Update for Windows Server 2003 (KB2535512)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-042.mspx

MS11-043
Severity Rating: Critical
Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2536276)
Security Update for Windows XP (KB2536276)
Security Update for Windows Vista for x64-based Systems (KB2536276)
Security Update for Windows Vista (KB2536276)
Security Update for Windows Server 2008 x64 Edition (KB2536276)
Security Update for Windows Server 2008 R2 x64 Edition (KB2536276)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2536276)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2536276)
Security Update for Windows Server 2008 (KB2536276)
Security Update for Windows Server 2003 x64 Edition (KB2536276)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2536276)
Security Update for Windows Server 2003 (KB2536276)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2536276)
Security Update for Windows Embedded Standard 7 (KB2536276)
Security Update for Windows 7 for x64-based Systems (KB2536276)
Security Update for Windows 7 (KB2536276)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-043.mspx

MS11-044
Severity Rating: Critical
Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)

Description:

Included Updates:

Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 for x64-based Systems (KB2518863)
Security Update for .NET Framework 3.5 and Windows Server 2008 for Itanium-based Systems (KB2518863)
Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 x86 (KB2518863)
Security Update for .NET Framework 3.5 on Windows Server 2003 for Itanium-based Systems (KB2530095)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP x86 (KB2530095)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP for x64-based Systems (KB2530095)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2518870)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2518870)
Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 for Itanium-based Systems (KB2518870)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 SP1 for Itanium-based Systems (KB2518869)
Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2518869)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2518869)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems (KB2518867)
Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB2518867)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2518867)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2518866)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2518866)
Security Update for .NET Framework 3.5 SP1 and Windows Server 2008 SP2 for Itanium-based Systems (KB2518866)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2518865)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 for x64-based Systems (KB2518865)
Security Update for .NET Framework 3.5 SP1 on Windows Server 2008 for Itanium-based Systems (KB2518865)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 for Itanium-based Systems (KB2518864)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2518864)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP for x64-based Systems (KB2518864)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-044.mspx

MS11-045
Severity Rating: Important
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146)

Description:

Included Updates:

Security Update for Microsoft Excel 2002 (KB2541003)
Security Update for Microsoft Excel 2010 (KB2523021), 64-Bit Edition
Security Update for Microsoft Excel 2010 (KB2523021), 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for the 2007 Microsoft Office System (KB2541012)
Security Update for Microsoft Office Excel Viewer (KB2541015)
Security Update for Microsoft Office Excel 2003 (KB2541025)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-045.mspx

MS11-046
Severity Rating: Important
Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2503665)
Security Update for Windows XP (KB2503665)
Security Update for Windows Vista for x64-based Systems (KB2503665)
Security Update for Windows Vista (KB2503665)
Security Update for Windows Server 2008 x64 Edition (KB2503665)
Security Update for Windows Server 2008 R2 x64 Edition (KB2503665)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2503665)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2503665)
Security Update for Windows Server 2008 (KB2503665)
Security Update for Windows Server 2003 x64 Edition (KB2503665)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2503665)
Security Update for Windows Server 2003 (KB2503665)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2503665)
Security Update for Windows Embedded Standard 7 (KB2503665)
Security Update for Windows 7 for x64-based Systems (KB2503665)
Security Update for Windows 7 (KB2503665)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-046.mspx

MS11-047
Severity Rating: Important
Vulnerability in Hyper-V Could Allow Denial of Service (2525835)

Description:

Included Updates:

Security Update for Windows Server 2008 x64 Edition (KB2525835)
Security Update for Windows Server 2008 R2 x64 Edition (KB2525835)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-047.mspx

MS11-048
Severity Rating: Important
Vulnerability in SMB Server Could Allow Denial of Service (2536275)

Description:

Included Updates:

Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2536275)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2536275)
Security Update for Windows Embedded Standard 7 (KB2536275)
Security Update for Windows Server 2008 R2 x64 Edition (KB2536275)
Security Update for Windows 7 for x64-based Systems (KB2536275)
Security Update for Windows 7 (KB2536275)
Security Update for Windows Vista for x64-based Systems (KB2536275)
Security Update for Windows Vista (KB2536275)
Security Update for Windows Server 2008 x64 Edition (KB2536275)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2536275)
Security Update for Windows Server 2008 (KB2536275)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-048.mspx

MS11-049
Severity Rating: Important
Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)

Description:

Included Updates:

Security Update for SQL Server 2008 R2 (KB2494086)
Security Update for SQL Server 2008 R2 (KB2494088)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft InfoPath 2010 (KB2510065), 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2510065), 64-Bit Edition
Security Update for Microsoft Visual Studio 2010 XML Editor (KB2251489)
Security Update for Microsoft Visual Studio 2008 Service Pack 1 XML Editor (KB2251487)
Security Update for Microsoft Visual Studio 2005 Service Pack 1 XML Editor (KB2251481)
Security Update for SQL Server 2008 Service Pack 2 (KB2494094)
Security Update for SQL Server 2008 Service Pack 2 (KB2494089)
Security Update for SQL Server 2008 Service Pack 1 (KB2494100)
Security Update for SQL Server 2008 Service Pack 1 (KB2494096)
Security Update for SQL Server 2005 Service Pack 4 (KB2546869)
Security Update for SQL Server 2005 Service Pack 3 (KB2546869)
Security Update for SQL Server 2005 Service Pack 4 Failover Clustering (KB2494123)
Security Update for SQL Server 2005 Service Pack 4 (KB2494123)
Security Update for SQL Server 2005 Service Pack 4 Failover Clustering (KB2494120)
Security Update for SQL Server 2005 Service Pack 4 (KB2494120)
Security Update for SQL Server 2005 Service Pack 3 Failover Clustering (KB2494112)
Security Update for SQL Server 2005 Service Pack 3 (KB2494112)
Security Update for SQL Server 2005 Service Pack 3 Failover Clustering (KB2494113)
Security Update for SQL Server 2005 Service Pack 3 (KB2494113)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-049.mspx

MS11-050
Severity Rating: Critical
Cumulative Security Update for Internet Explorer (2530548)

Description:

Included Updates:

Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 R2 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows 7 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 R2 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 R2 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Embedded Standard 7 for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Embedded Standard 7 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB2530548)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-050.mspx

MS11-051
Severity Rating: Important
Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)

Description:

Included Updates:

Security Update for Windows Server 2008 x64 Edition (KB2518295)
Security Update for Windows Server 2008 R2 x64 Edition (KB2518295)
Security Update for Windows Server 2008 (KB2518295)
Security Update for Windows Server 2003 x64 Edition (KB2518295)
Security Update for Windows Server 2003 (KB2518295)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-051.mspx

MS11-052
Severity Rating: Critical
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)

Description:

Included Updates:

Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows XP (KB2544521)

New Security Updates Supported:

MS11-037 – Vulnerability in MHTML Could Allow Information Disclosure (2544893)
MS11-038 – Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)
MS11-039 – Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)
MS11-040 – Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426)
MS11-041 – Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694)
MS11-042 – Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)
MS11-043 – Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)
MS11-044 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)
MS11-045 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146)
MS11-046 – Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665)
MS11-047 – Vulnerability in Hyper-V Could Allow Denial of Service (2525835)
MS11-048 – Vulnerability in SMB Server Could Allow Denial of Service (2536275)
MS11-049 – Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)
MS11-050 – Cumulative Security Update for Internet Explorer (2530548)
MS11-051 – Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)
MS11-052 – Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)

More Information:
MS11-037
Severity Rating: Important
Vulnerability in MHTML Could Allow Information Disclosure (2544893)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2544893)
Security Update for Windows XP (KB2544893)
Security Update for Windows Vista for x64-based Systems (KB2544893)
Security Update for Windows Vista (KB2544893)
Security Update for Windows Server 2008 x64 Edition (KB2544893)
Security Update for Windows Server 2008 R2 x64 Edition (KB2544893)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2544893)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2544893)
Security Update for Windows Server 2008 (KB2544893)
Security Update for Windows Server 2003 x64 Edition (KB2544893)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2544893)
Security Update for Windows Server 2003 (KB2544893)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2544893)
Security Update for Windows Embedded Standard 7 (KB2544893)
Security Update for Windows 7 for x64-based Systems (KB2544893)
Security Update for Windows 7 (KB2544893)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-037.mspx
MS11-038
Severity Rating: Critical
Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2476490)
Security Update for Windows XP (KB2476490)
Security Update for Windows Vista for x64-based Systems (KB2476490)
Security Update for Windows Vista (KB2476490)
Security Update for Windows Server 2008 x64 Edition (KB2476490)
Security Update for Windows Server 2008 R2 x64 Edition (KB2476490)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2476490)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2476490)
Security Update for Windows Server 2008 (KB2476490)
Security Update for Windows Server 2003 x64 Edition (KB2476490)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2476490)
Security Update for Windows Server 2003 (KB2476490)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2476490)
Security Update for Windows Embedded Standard 7 (KB2476490)
Security Update for Windows 7 for x64-based Systems (KB2476490)
Security Update for Windows 7 (KB2476490)

Description:

Included Updates:

Security Update for Microsoft Silverlight (KB2512827)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 for Itanium-based Systems (KB2478658)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2478658)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP for x64-based Systems (KB2478658)
Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 for x64-based Systems (KB2478657)
Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 x86 (KB2478657)
Security Update for .NET Framework 3.5 and Windows Server 2008 for Itanium-based Systems (KB2478657)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2478663)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2478663)
Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 for Itanium-based Systems (KB2478663)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 SP1 for Itanium-based Systems (KB2478662)
Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2478662)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2478662)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems (KB2478661)
Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB2478661)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2478661)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2478660)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2478660)
Security Update for .NET Framework 3.5 SP1 and Windows Server 2008 SP2 for Itanium-based Systems (KB2478660)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2478659)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 for x64-based Systems (KB2478659)
Security Update for .NET Framework 3.5 SP1 on Windows Server 2008 for Itanium-based Systems (KB2478659)
Security Update for .NET Framework 3.5 on Windows Server 2003 for Itanium-based Systems (KB2478656)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP x86 (KB2478656)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP for x64-based Systems (KB2478656)

Description:

Included Updates:

Security Update for Forefront TMG Client (KB 2520426)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2525694)
Security Update for Windows Server 2003 x64 Edition (KB2525694)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2525694)
Security Update for Windows Vista for x64-based Systems (KB2525694)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2525694)
Security Update for Windows Server 2008 R2 x64 Edition (KB2525694)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2525694)
Security Update for Windows Server 2008 x64 Edition (KB2525694)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2525694)
Security Update for Windows 7 for x64-based Systems (KB2525694)

Description:

Included Updates:

Security Update for Windows Vista for x64-based Systems (KB2535512)
Security Update for Windows Vista (KB2535512)
Security Update for Windows Server 2008 x64 Edition (KB2535512)
Security Update for Windows Server 2008 R2 x64 Edition (KB2535512)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2535512)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2535512)
Security Update for Windows Server 2008 (KB2535512)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2535512)
Security Update for Windows Embedded Standard 7 (KB2535512)
Security Update for Windows 7 for x64-based Systems (KB2535512)
Security Update for Windows 7 (KB2535512)
Security Update for Windows XP x64 Edition (KB2535512)
Security Update for Windows XP (KB2535512)
Security Update for Windows Server 2003 x64 Edition (KB2535512)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2535512)
Security Update for Windows Server 2003 (KB2535512)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-042.mspx
MS11-043
Severity Rating: Critical
Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2536276)
Security Update for Windows XP (KB2536276)
Security Update for Windows Vista for x64-based Systems (KB2536276)
Security Update for Windows Vista (KB2536276)
Security Update for Windows Server 2008 x64 Edition (KB2536276)
Security Update for Windows Server 2008 R2 x64 Edition (KB2536276)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2536276)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2536276)
Security Update for Windows Server 2008 (KB2536276)
Security Update for Windows Server 2003 x64 Edition (KB2536276)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2536276)
Security Update for Windows Server 2003 (KB2536276)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2536276)
Security Update for Windows Embedded Standard 7 (KB2536276)
Security Update for Windows 7 for x64-based Systems (KB2536276)
Security Update for Windows 7 (KB2536276)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-043.mspx
MS11-044
Severity Rating: Critical
Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)

Description:

Included Updates:

Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 for x64-based Systems (KB2518863)
Security Update for .NET Framework 3.5 and Windows Server 2008 for Itanium-based Systems (KB2518863)
Security Update for .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 x86 (KB2518863)
Security Update for .NET Framework 3.5 on Windows Server 2003 for Itanium-based Systems (KB2530095)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP x86 (KB2530095)
Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP for x64-based Systems (KB2530095)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2518870)
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2518870)
Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 for Itanium-based Systems (KB2518870)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 SP1 for Itanium-based Systems (KB2518869)
Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2518869)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2518869)
Security Update for .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems (KB2518867)
Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB2518867)
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2518867)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2518866)
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2518866)
Security Update for .NET Framework 3.5 SP1 and Windows Server 2008 SP2 for Itanium-based Systems (KB2518866)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2518865)
Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 for x64-based Systems (KB2518865)
Security Update for .NET Framework 3.5 SP1 on Windows Server 2008 for Itanium-based Systems (KB2518865)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 for Itanium-based Systems (KB2518864)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2518864)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP for x64-based Systems (KB2518864)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-044.mspx
MS11-045
Severity Rating: Important
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146)

Description:

Included Updates:

Security Update for Microsoft Excel 2002 (KB2541003)
Security Update for Microsoft Excel 2010 (KB2523021), 64-Bit Edition
Security Update for Microsoft Excel 2010 (KB2523021), 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for the 2007 Microsoft Office System (KB2541012)
Security Update for Microsoft Office Excel Viewer (KB2541015)
Security Update for Microsoft Office Excel 2003 (KB2541025)

Description:

Included Updates:

Security Update for Windows XP x64 Edition (KB2503665)
Security Update for Windows XP (KB2503665)
Security Update for Windows Vista for x64-based Systems (KB2503665)
Security Update for Windows Vista (KB2503665)
Security Update for Windows Server 2008 x64 Edition (KB2503665)
Security Update for Windows Server 2008 R2 x64 Edition (KB2503665)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2503665)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2503665)
Security Update for Windows Server 2008 (KB2503665)
Security Update for Windows Server 2003 x64 Edition (KB2503665)
Security Update for Windows Server 2003 for Itanium-based Systems (KB2503665)
Security Update for Windows Server 2003 (KB2503665)
Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2503665)
Security Update for Windows Embedded Standard 7 (KB2503665)
Security Update for Windows 7 for x64-based Systems (KB2503665)
Security Update for Windows 7 (KB2503665)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-046.mspx
MS11-047
Severity Rating: Important
Vulnerability in Hyper-V Could Allow Denial of Service (2525835)

Description:

Included Updates:

Security Update for Windows Server 2008 x64 Edition (KB2525835)
Security Update for Windows Server 2008 R2 x64 Edition (KB2525835)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-047.mspx
MS11-048
Severity Rating: Important
Vulnerability in SMB Server Could Allow Denial of Service (2536275)

Description:

Included Updates:

Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2536275)
Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB2536275)
Security Update for Windows Embedded Standard 7 (KB2536275)
Security Update for Windows Server 2008 R2 x64 Edition (KB2536275)
Security Update for Windows 7 for x64-based Systems (KB2536275)
Security Update for Windows 7 (KB2536275)
Security Update for Windows Vista for x64-based Systems (KB2536275)
Security Update for Windows Vista (KB2536275)
Security Update for Windows Server 2008 x64 Edition (KB2536275)
Security Update for Windows Server 2008 for Itanium-based Systems (KB2536275)
Security Update for Windows Server 2008 (KB2536275)

Description:

Included Updates:

Security Update for SQL Server 2008 R2 (KB2494086)
Security Update for SQL Server 2008 R2 (KB2494088)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft InfoPath 2010 (KB2510065), 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2510065), 64-Bit Edition
Security Update for Microsoft Visual Studio 2010 XML Editor (KB2251489)
Security Update for Microsoft Visual Studio 2008 Service Pack 1 XML Editor (KB2251487)
Security Update for Microsoft Visual Studio 2005 Service Pack 1 XML Editor (KB2251481)
Security Update for SQL Server 2008 Service Pack 2 (KB2494094)
Security Update for SQL Server 2008 Service Pack 2 (KB2494089)
Security Update for SQL Server 2008 Service Pack 1 (KB2494100)
Security Update for SQL Server 2008 Service Pack 1 (KB2494096)
Security Update for SQL Server 2005 Service Pack 4 (KB2546869)
Security Update for SQL Server 2005 Service Pack 3 (KB2546869)
Security Update for SQL Server 2005 Service Pack 4 Failover Clustering (KB2494123)
Security Update for SQL Server 2005 Service Pack 4 (KB2494123)
Security Update for SQL Server 2005 Service Pack 4 Failover Clustering (KB2494120)
Security Update for SQL Server 2005 Service Pack 4 (KB2494120)
Security Update for SQL Server 2005 Service Pack 3 Failover Clustering (KB2494112)
Security Update for SQL Server 2005 Service Pack 3 (KB2494112)
Security Update for SQL Server 2005 Service Pack 3 Failover Clustering (KB2494113)
Security Update for SQL Server 2005 Service Pack 3 (KB2494113)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-049.mspx
MS11-050
Severity Rating: Critical
Cumulative Security Update for Internet Explorer (2530548)

Description:

Included Updates:

Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 R2 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 9 for Windows 7 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 R2 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 R2 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Embedded Standard 7 for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows Embedded Standard 7 (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Vista for x64-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 7 Dynamic Installer for Windows Server 2003 (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows XP (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB2530548)
Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB2530548)

Description:

Included Updates:

Security Update for Windows Server 2008 x64 Edition (KB2518295)
Security Update for Windows Server 2008 R2 x64 Edition (KB2518295)
Security Update for Windows Server 2008 (KB2518295)
Security Update for Windows Server 2003 x64 Edition (KB2518295)
Security Update for Windows Server 2003 (KB2518295)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-051.mspx
MS11-052
Severity Rating: Critical
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)

Description:

Included Updates:

Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows XP (KB2544521)
Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2544521)
Security Update for Internet Explorer 8 for Windows Vista (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 R2 x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 R2 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2003 (KB2544521)
Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521)
Security Update for Internet Explorer 8 for Windows 7 (KB2544521)
Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB2544521)
Security Update for Internet Explorer 7 for Windows XP (KB2544521)
Security Update for Internet Explorer 7 for Windows Vista for x64-based Systems (KB2544521)
Security Update for Internet Explorer 7 for Windows Vista (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2008 x64 Edition (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2008 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2008 (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2003 (KB2544521)
Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB2544521)
Security Update for Internet Explorer 6 for Windows XP (KB2544521)
Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB2544521)
Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 6 for Windows Server 2003 (KB2544521)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-052.mspx

Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2544521)
Security Update for Internet Explorer 8 for Windows Vista (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 R2 x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 R2 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2008 (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2544521)
Security Update for Internet Explorer 8 for Windows Server 2003 (KB2544521)
Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521)
Security Update for Internet Explorer 8 for Windows 7 (KB2544521)
Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB2544521)
Security Update for Internet Explorer 7 for Windows XP (KB2544521)
Security Update for Internet Explorer 7 for Windows Vista for x64-based Systems (KB2544521)
Security Update for Internet Explorer 7 for Windows Vista (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2008 x64 Edition (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2008 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2008 (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2003 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 7 for Windows Server 2003 (KB2544521)
Security Update for Internet Explorer 6 for Windows XP x64 Edition (KB2544521)
Security Update for Internet Explorer 6 for Windows XP (KB2544521)
Security Update for Internet Explorer 6 for Windows Server 2003 x64 Edition (KB2544521)
Security Update for Internet Explorer 6 for Windows Server 2003 for Itanium-based Systems (KB2544521)
Security Update for Internet Explorer 6 for Windows Server 2003 (KB2544521)

Link:
http://www.microsoft.com/technet/security/Bulletin/MS11-052.mspx

Software Updates – June 14, 2011

PCSentry — Wed, 15 Jun 2011 01:28:36 +0000

Security updates for the following applications have been released:

Java Runtime Environment 6.0 x64 Update 26
Java Runtime Environment 6.0 Update 26
iTunes 10.3.1 for Windows

For devices part of PCSentry’s automatic update process, applicable security updates will be automatically downloaded and installed according to the following schedule:

TEST devices on Wednesday, June 16, 2011
PROD devices on Friday, June 18, 2011

If the installation of updates causes instability or other issues on TEST devices, contact PCSentry as soon as possible to delay the installation of updates on PROD devices.

More information on each product update

Bulletin ID: JAVA6026	Title: Java Runtime Environment 6.0 x64 Update 26	Severity: Critical
This release contains fixes for security vulnerabilities: the regression when it is not possible to run filemaker application due to java.lang.ClassCircularityError is fixed.
Applies to: Java Runtime Environment

Bulletin ID: JAVA6026	Title: Java Runtime Environment 6.0 Update 26	Severity: Critical
This release contains fixes for security vulnerabilities: the regression when it is not possible to run filemaker application due to java.lang.ClassCircularityError is fixed.
Applies to: Java Runtime Environment

Bulletin ID: ITUNES103054	Title: iTunes 10.3.1 for Windows	Severity:
iTunes 10.3.1 introduces automatic and previous purchases downloads, adds books to the Store.
Applies to: iTunes

Mac to join the malware party!

PCSentry — Tue, 17 May 2011 13:31:25 +0000

Bad news for Mac users: the first construction kit for Mac OS X Trojans has appeared. That comes just as Microsoft released a report showing that Windows 7 is far safer than previous versions of Windows. So while it’s true that the Mac is still safer than a PC, the security difference between them has begun to shrink (ComputerWorld)

We’ve always maintained there is no magic pill for computer security. It takes work and monitoring, and maybe the Mac world is about to join the malware party. The fact is that the Mac has always had security bugs and flaws. In fact, Apple has often been criticized for taking their time to patch known critical flaws.

The ComputerWorld article points out that it is market share, and not good secure programing, that has kept hackers away from the Mac this long. At the end of the day, most hackers are interested in making a living (just like the rest of us). If a hacker has the choice of creating malware that targets 90 % of computer users as opposed to 10%, they will choose the 90% to increase their chances of success. If you think about it, it’s just like target marketing.

As the Mac’s market share increases, it become more appealing for hackers to create malware to target Mac users. One other interesting point is that the Mac’s market share in affluent households has recently increased by 85%. Perhaps this statistic is attracting hackers who desire to commit financial fraud and steal account information.

Software Update Alert – May 16, 2011

PCSentry — Mon, 16 May 2011 23:56:53 +0000

New Software Updates Available

Security updates for the following applications have been released:

Adobe Flash Player 10.3.181.14
Adobe Flash Player 10.3.181.14 for Firefox, Safari, Opera
Google Chrome 11.0.696.68 – Stable channel – System level install

For devices part of PCSentry’s automatic update process, applicable security updates will be automatically downloaded and installed to TEST devices on Tuesday, May 17, 2011 and PROD devices on Thursday, May 19, 2011. PLEASE NOTE – THIS IS AN ACCELERATED DEPLOYMENT SINCE ALL UPDATES ARE RATED CRITICAL.

If the installation of updates causes instability or other issues on TEST devices, contact PCSentry as soon as possible to delay the installation of updates on PROD devices.

More information on each product update

Bulletin ID: APSB11-12	Title: Adobe Flash Player 10.3.181.14	Severity: Critical
This release contains fixes for critical vulnerabilities identified in Security Bulletin APSB11-12. All users are encouraged to update to the new players version 10.3.181.14.
Applies to: Adobe Flash Player 10

Bulletin ID: APSB11-12	Title: Adobe Flash Player 10.3.181.14 for Firefox, Safari, Opera	Severity: Critical
This release contains fixes for critical vulnerabilities identified in Security Bulletin APSB11-12. All users are encouraged to update to the new players version 10.3.181.14.
Applies to: Adobe Flash Player 10

Bulletin ID: GC_11_0_696_68	Title: Google Chrome 11.0.696.68 – Stable channel – System level install	Severity: Critical
This release included an updated version of Flash Player 10.3; also fixed bad casts in Chromium WebKit glue and integer overflows in SVG filters.
Applies to: Google Chrome

Fake AV makers, scammers exploit Bin Laden news

PCSentry — Tue, 03 May 2011 14:18:34 +0000

As is the case with most big news stories, hackers know people will be searching the net for news articles, pictures, videos, etc. They use various techniques including search engine optimization to lure users to sites with infected content. Once there, the hackers either use malicious files that scan computers for vulnerabilities to exploit, or attempt to convince users to download rogue antivirus or spyware programs.

As this Network World article points out, “Hackers love a big, breaking story…” “This is one of those rare opportunities that can build you a great list and a couple of zeros in your profit,” an anonymous hacker crowed. “Use it while the news of Bin Laden killed by US forces is hot. I just started one and it had 600 likes in 2 minutes.”

The techniques to protect your computers from exploit are, as usual, a layered approach. Make sure you use and update antivirus. Keep your operating system and ALL applications up-to-date with the latest security patches. These steps alone act like a an alarm company sign in your front yard, and are often enough to make attackers move on to the next house on the block. Of course, there are many more controls that can help protect your computers such as restricted access, web content filtering, etc.

If you’re unsure if your computers’ AV, operating system, and applications are up-to-date with the latest security patches, sign-up for a free trial of PCSentry.

Software Update Alert – April 27, 2011

PCSentry — Wed, 27 Apr 2011 14:02:39 +0000

Security updates for the following applications have been released:

Adobe Acrobat Pro and Standard 10.0.3

Adobe Acrobat Pro and Standard 9.4.4

Adobe Reader 9.4.4

Java Runtime Environment 6.0 x64 Update 25

Java Runtime Environment 6.0 Update 25

Skype 5.3.0.111

For devices part of PCSentry’s automatic update process, applicable security updates will be automatically downloaded and installed to TEST devices on Monday, May 2, 2011 and PROD devices on Wednesday, May 4, 2011.

If you desire an excellerated deployment of these updates, please contact PCSentry via email or log a service request. For devices that are not on an automatic update schedule, please submit a request to install the updates at your convenience.

If the installation of updates causes instability or other issues on TEST devices, contact PCSentry as soon as possible to delay the installation of updates on PROD devices.

More information on each product update

Bulletin ID: APSB11-08	Title: Adobe Acrobat Pro and Standard 10.0.3	Severity: Critical
The Adobe Acrobat 10.0.3 Pro and Standard update addresses a critical security vulnerability. Please see Security Bulletin APSB11-08 and APSB11-02 for details.
Applies to: Adobe Acrobat Pro and Standard

Bulletin ID: APSB11-08	Title: Adobe Acrobat Pro and Standard 9.4.4	Severity: Critical
The Adobe Acrobat 9.4.4 Pro and Standard update addresses a critical security vulnerability. Please see Security Bulletin APSB11-08 and APSB11-02 for details.
Applies to: Adobe Acrobat Pro and Standard

Bulletin ID: APSB11-08	Title: Adobe Reader 9.4.4	Severity: Critical
The Adobe Reader 9.4.4 update addresses a critical security vulnerability. Please see Security Bulletin APSB11-08 and APSB11-02 for details.
Applies to: Adobe Reader

Bulletin ID: JAVA6025	Title: Java Runtime Environment 6.0 x64 Update 25	Severity:
This update release contains improved performance and stability, Java HotSpotâ„¢ VM 20, support for IE9, Firefox 4 and Chrome 10, improved BigDecimal.
Applies to: Java Runtime Environment

Bulletin ID: JAVA6025	Title: Java Runtime Environment 6.0 Update 25	Severity:
This update release contains improved performance and stability, Java HotSpotâ„¢ VM 20, support for IE9, Firefox 4 and Chrome 10, improved BigDecimal.
Applies to: Java Runtime Environment

Bulletin ID: SKYPE530111	Title: Skype 5.3.0.111	Severity:
The update 5.3.0.111 fixed echo123 adding to contacts on every startup and script error pop-ups.
Applies to: Skype

Get ready for Windows 64

PCSentry — Sat, 09 Apr 2011 01:08:07 +0000

Microsoft announced today they are breaking the record for the most bugs fixed on a patch Tuesday. Microsoft security updates being delivered on Tuesday, April 12 will include fixes for 64 issues…enjoy!

More information about the specific updates can be found in the Microsoft Security Bulletin

Adobe Flash zero-day bug used to gain access to RSA

PCSentry — Tue, 05 Apr 2011 01:29:43 +0000

Computerworld – Last month’s hack of RSA Security began with an exploit of a then-unpatched vulnerability in Adobe Flash Player, the company confirmed Friday.

Attackers gained access to the RSA network by sending two small groups of RSA employees emails with attached Excel spreadsheets, according to RSA, which is the security division of EMC. One of those employees opened the attachment, which was titled “2011 Recruitment plan.xls.”

The Excel document reportedly contained an embedded Flash file that then exploited the then unpatched vulnerability.

Adobe has released patches for Adobe Flash Player 10.2.153.1 for Internet Explorer and Adobe Flash Player 10.2.153.1 for Firefox, Safari, and Opera. These updates were applied to PCSentry customers’ test computers on March 28 and production computers on March 30.

March 28, 2011 Security Updates

PCSentry — Thu, 31 Mar 2011 00:59:14 +0000

The following Application Security updates have been released.

Adobe Acrobat 10.0.2 Pro and Standard
Adobe Acrobat 9.4.3 Pro and Standard
Adobe Air 2.6.0.19120
Adobe Flash Player 10.2.153.1
Adobe Flash Player 10.2.153.1 for Firefox, Safari, Opera
Adobe Reader 9.4.3
Mozilla Firefox 3.6.16
Mozilla Firefox 4.0
Skype 5.2.0.113

For any devices that are part of PCSentry’s automatic update process, applicable security updates will be automatically downloaded and installed to TEST devices on Monday, March 28, 2011 and PROD devices on Wednesday, March 30, 2011.

If the installation of updates causes instability or other issues on TEST devices, contact PCSentry as soon as possible to delay the installation of updates on PROD devices.

For devices that are not on an automatic update schedule, please submit a request to install the updates at your convenience.