A quick look at Microsoft’s Security Bulletin Summary for August 2011 shows 13 security bulletins for this morning. My own machines (both 32- and 64-bit Windows versions) showed a nearly uniform list of 14 security bulletins (including some non-bulletin elements like the monthly refresh of the Windows Malicious Software Removal Tool and a keyboard driver for my Microsoft keyboards).
Microsoft Windows Security Bulletin Summary August 2011
Here’s a list of the items in the executive summaries section of the August 2011 bulletin (with links to the relevant security bulletin for each item):
- MS11-057 [CR] Cumulative Security Update for Internet Explorer (2559049)
- MS11-058 [CR] Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)
- MS11-059 [IR] Vulnerability in Data Access Components Could Allow Remote Code Execution (2560656)
- MS11-060 [IM] Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978
- MS11-061 [IM] Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)
- MS11-062 [IR] Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454)
- MS11-063 [IR] Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)
- MS11-064 [IR] Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)
- MS11-065 [IR] Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)
- MS11-066 [IM] Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)
- MS11-067 [IM] Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)
- MS11-068 [MR] Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)
- MS11-069 [MM] Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)
Key to [xx] bracketed ratings information
First char describes severity ranking: C = Critical, I = Important, M = Moderate
Second char labels restart: R = requires restart, M = may require restart
MS11-058 deals with DNS servers and is highly unlikely to show up on Windows client computers, but the rest of this sometimes comes in separate 32- or 64-bit versions, all of which are likely to show up on Windows desktop machines. There will be some serious and meaningful work for system admins to get these updates into testing to determine if and when deployment will be necessary (as will probably prove to be the case for all critical and important updates in the list, where they touch functions that are present on specific Windows clients or reference builds).
For those who use automatic update, please note that there are two .NET Framework items that remain unselected for install by Microsoft’s choice: KB2468871 and KB2533623. These will need to selected for manual installation if they show up on client machines (as they will for most ordinary Windows users).