I’d been reading about the advance info for this month’s Patch Tuesday last week, and was a little surprised and frankly also relieved to learn that July 2011 features only four security bulletins (see all the details in the July 2011 Security Bulletin Summary from Microsoft). Imagine my surprise, therefore, when that translated into 6 bulletins for my x86 Windows 7 computers, and as many as 9 for my x64 machines (there’s also a whopping big security roll-up for Office 2010 that showed up on those machines where I’ve got this package installed).
The four bulletins listed in the Microsoft summary include the following:
- MS11-053Vulnerability in Bluetooth Stack Could Allow Remote Code Execution: closes a loophole that could let attackers use specially constructed Bluetooth packets to install programs, mess with data, or create new user accounts with administrative rights. This one’s marked Critical and given the huge number of Bluetooth equipped systems out there is worth rushing into the field.
- MS11-054 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege: resolves 15 different privately reported vulnerabilities, but exploits require valid logon credentials. This one’s marked Important.
- MS11-055 Vulnerability in Microsoft Visio Could Allow Remote Code Execution: closes a backdoor that can open when a user accesses a Visio file on a network where a malicious library file is present, and could grant an attacker the same rights as the affected user. This one’s marked Important.
- MS11-056 Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege: Resolves a handful of privately reported loopholes in the CRSS, though logon and use of a special application (attackers must have valid log on credentials and also log on locally). This one’s marked important, too.
The first Bluetooth item is a hair-raiser, the others are less dramatic or likely to be traumatic. Other items that showed up in this month’s mix included the usual Windows Malicious Software Removal Tool for July, an update to various Outlook Junk Email filters, and something called the Microsoft Office File Validation Add-in (KB2501584), used to confirm that binary files conform to requires MS Office file formats, to help users avoid potential security risks. Another interesting item that didn’t make the bulletin showed up a little later than the other updates on Tuesday: Insecure Library Loading Could Allow Remote Code Execution (KB2533623). It affects the way applications load libraries (key ingredients in the way many of them operate or behave). Other than posing a security risk if a hacked library ends up being loaded instead, I’m not really sure I fully understand this one. I’ll be looking for additional clarification and report back if I find any…
A trio of other interesting items showed up on my x64 Windows 7 machines. KB2552343 addresses a time-out error that can occur when installing a Windows Update package that includes drivers on Windows 7 or Windows Server 2008 R2 PCs (that can’t be good). Another one (KB2547666) fixes a bug that prevents users from deleting long URLs in the browsing history for IE on the same OS platforms. A third addresses the blurred-font issue I originally picked up from Ed Bott late last month (KB2545698).
All in all there was a little more to dig into, and chew on, that the advance reports led me to expect. But that’s the way it goes with Windows operating systems, for sure!