Patch Tuesday: April 2011 Is a Doozy!
Here’s what I found waiting for me on my production Windows 7 Professional (x86) machine this morning, in the wake of the latest Patch Tuesday:
A personal record for Patch Tuesday: Up to 24 files to download and install!
Notice that only two items are unchecked by default: KB2511250 relates to an issue printing SVG graphics or CSS3 style sheets in IE9, and the Malicious Software Removal Tool is a usual Patch Tuesday feature. The former is something many users are not likely to need, while Microsoft is being smart about leaving the latter unchecked because it takes some time to run to completion and has occasionally caused problems when batched in with Patch Tuesday stuff in the past.
All this said, here’s a quick abstract of the Security Bulletin Summary for April 2011:
| Bulletin ID |
Bulletin Title |
Rating and Impact |
Restart Required |
Affected Software |
| Cumulative Security Update for IE (2497640) |
Critical |
Yes |
MS Windows, |
|
| Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455) |
Critical |
Yes |
MS Windows |
|
| Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) |
Critical |
Yes |
MS Windows |
|
| Cumulative Security Update of ActiveX Kill Bits (2508272) |
Critical |
Maybe |
MS Windows |
|
| Vulnerability in .NET Framework Could Allow Remote Code Execution (2484015) to bypass Code Access Security (CAS) restrictions. |
Critical |
Maybe |
MS Windows |
|
| Vulnerability in GDI+ Could Allow Remote Code Execution (2489979) |
Critical |
Maybe |
MS Windows, |
|
| Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553) |
Critical |
Yes |
MS Windows |
|
| Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666) |
Critical |
Maybe |
MS Windows |
|
| Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618) |
Critical |
Yes |
MS Windows |
|
| Vulnerabilities in MS Excel Could Allow Remote Code Execution (2489279) |
Important |
Maybe |
MS Office |
|
| Vulnerabilities in MS PowerPoint Could Allow Remote Code Execution (2489283) |
Important |
Maybe |
MS Office, |
|
| Vulnerabilities in MS Office Could Allow Remote Code Execution (2489293) |
Important |
Maybe |
MS Office |
|
| Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308) |
Important |
Maybe |
MS Windows |
|
| Vulnerability in MS Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212) |
Important |
Maybe |
MS Developer Tools and Software |
|
| Vulnerability in MHTML Could Allow Information Disclosure (2503658) |
Important |
Yes |
MS Windows |
|
| Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663) |
Important |
Maybe |
MS Windows |
|
| Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223) |
Important |
Yes |
MS Windows |
Note: RCE is my abbreviation for Remote Code Execution, by far the most likely type of vulnerability you’ll encounter in this month’s batch of updates. Lots of important IE vulnerabilities are addressed here, including some recently reported zero-day and the latest PWN2OWN exploits as well. Roll up your sleeves, admins: you’ve got some work to do!
Start the conversation
0 comments