Dial In Number Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft Corporation Jerry Bryant Group Manager, Response Communications Microsoft Corporation

Dial In Number Pin: 3750 What We Will Cover Review of August 2011 Bulletin release information:Review of August 2011 Bulletin release information: –New Security Bulletins –Security Advisory –Re-released Bulletins –Announcements –Microsoft ® Windows ® Malicious Software Removal Tool ResourcesResources Questions and answers: Please Submit NowQuestions and answers: Please Submit Now

Dial In Number Pin: 3750 Severity and Exploitability Index Exploitability Index 1 RISK 2 3 DP Severity Critical IMPACT Important Moderate Low MS11-057MS11-058MS11-059MS11-060MS11-061MS11-062MS11-063MS11-064MS11-065MS11-066MS11-067MS MS WindowsWindows OfficeWindowsWindows Windows Internet Explorer.NET Visual Studio Windows.NET Framework Windows Windows

Dial In Number Pin: 3750 Bulletin Deployment Priority

Dial In Number Pin: 3750 MS11-057: Cumulative Security Update for Internet Explorer ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE ImportantNA1 Remote Code Execution Cooperatively disclosed CVE Important33 Information Disclosure Cooperatively disclosed CVE Important11 Remote Code Execution Cooperatively disclosed CVE ModerateNANA Information Disclosure Publicly disclosed CVE Critical11 Remote Code Execution Cooperatively disclosed CVE Critical11 Remote Code Execution Cooperatively disclosed CVE ModerateNANA Information Disclosure Publicly disclosed Affected Products IE6, IE7, IE 8 and IE 9 on all supported versions of Windows and Windows Server except IE6 on Windows Server 2003, x64, and Itanium IE 6 on Windows Server 2003, x64, and Itanium Affected Components Internet Explorer Deployment Priority 1 Main Target Workstations and Servers Possible Attack Vectors Browse and Own: An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the Web site. (CVE , 1961, 1962, 1963, 1964)Browse and Own: An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the Web site. (CVE , 1961, 1962, 1963, 1964) Clickjacking: An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer, and then convince a user to view the Web site and perform a series of clicks in different Internet Explorer windows. (CVE )Clickjacking: An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer, and then convince a user to view the Web site and perform a series of clicks in different Internet Explorer windows. (CVE ) Drag and Drop: An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page and performed a drag-and-drop operation. (CVE )Drag and Drop: An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page and performed a drag-and-drop operation. (CVE ) Impact of Attack An attacker could gain the same user rights as the logged on user. (CVE , 1961, 1963, 1964, 1256, 1260, 1261, 1262)An attacker could gain the same user rights as the logged on user. (CVE , 1961, 1963, 1964, 1256, 1260, 1261, 1262) An attacker who successfully exploited this vulnerability could view content from another domain or Internet Explorer zone. (CVE , 1962)An attacker who successfully exploited this vulnerability could view content from another domain or Internet Explorer zone. (CVE , 1962) An attacker who successfully exploited this vulnerability could gain access to cookie files stored in the local machine. (CVE )An attacker who successfully exploited this vulnerability could gain access to cookie files stored in the local machine. (CVE ) Mitigating Factors By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML messages in the Restricted sites zone, which disables script and ActiveX controls.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML messages in the Restricted sites zone, which disables script and ActiveX controls. An attacker could not force a user to visit a specially crafted site.An attacker could not force a user to visit a specially crafted site. Additional Information Installations using Server Core are not affected.Installations using Server Core are not affected.

Dial In Number Pin: 3750 MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE Critical33 Remote Code Execution Cooperatively disclosed CVE Important33 Denial of Service Cooperatively disclosed Affected Products Windows Server 2008, Windows Server 2008 x64, Windows Server 2008R2 x64 Windows Server 2003, Windows Server 2003 x64, Windows Server 2003 for Itanium Affected Components DNS Server Deployment Priority 1 Main Target Servers running in the DNS role Possible Attack Vectors A remote unauthenticated attacker could exploit this vulnerability by registering a domain, creating an NAPTR DNS resource record, and then sending a specially crafted NAPTR query to the target DNS server. (CVE )A remote unauthenticated attacker could exploit this vulnerability by registering a domain, creating an NAPTR DNS resource record, and then sending a specially crafted NAPTR query to the target DNS server. (CVE ) A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted DNS query to the target DNS server for a resource record of a domain that does not exist. (CVE )A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted DNS query to the target DNS server for a resource record of a domain that does not exist. (CVE ) Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the system. (CVE )An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the system. (CVE ) A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted DNS query to the target DNS server for a resource record of a domain that does not exist. (CVE )A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted DNS query to the target DNS server for a resource record of a domain that does not exist. (CVE ) Mitigating Factors Microsoft has not identified any mitigating factors for this issue.Microsoft has not identified any mitigating factors for this issue. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

Dial In Number Pin: 3750 MS11-059: Vulnerability in Data Access Components Could Allow Remote Code Execution ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE Important1NA Remote Code Execution Cooperatively disclosed Affected Products Windows 7, Windows 7 x64, Windows Server 2008R2 x64, Windows Server 2008R2 for Itanium Affected Components Data Access Components (DAC) Deployment Priority 3 Main Target Workstations Possible Attack Vectors In a network attack scenario, an attacker could place a legitimate Office-related file and a specially crafted DLL in a network share, a UNC, or WebDAV location and then convince the user to open the file.In a network attack scenario, an attacker could place a legitimate Office-related file and a specially crafted DLL in a network share, a UNC, or WebDAV location and then convince the user to open the file. In an attack scenario, an attacker could exploit the vulnerability by sending a legitimate Excel-related file attachment (such as an.xlsx file) to a user, and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file. Then, while opening the legitimate file, Microsoft Office could attempt to load the DLL file and execute any code it contained.In an attack scenario, an attacker could exploit the vulnerability by sending a legitimate Excel-related file attachment (such as an.xlsx file) to a user, and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file. Then, while opening the legitimate file, Microsoft Office could attempt to load the DLL file and execute any code it contained. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user.An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. Mitigating Factors For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open an Excel-related file (such as a.xlsx file).For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open an Excel-related file (such as a.xlsx file). The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall. This limits the potential attack vectors for this vulnerability.The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall. This limits the potential attack vectors for this vulnerability. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

Dial In Number Pin: 3750 MS11-060: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE Important11 Remote Code Execution Cooperatively disclosed CVE ImportantNA1 Remote Code Execution Cooperatively disclosed Affected Products Visio 2003, 2007, bit, and bit Affected Components Visio Deployment Priority 2 Main Target Workstations Possible Attack Vectors This vulnerability requires that a user view a specially crafted WMF image file. An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site.This vulnerability requires that a user view a specially crafted WMF image file. An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site. Impact of Attack In an attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Visio file to the user and by convincing the user to open the file.In an attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Visio file to the user and by convincing the user to open the file. In a Web-based attack scenario, an attacker would have to host a Web site that contains a specially crafted Visio file that is used to attempt to exploit this vulnerability. An attacker would then convince a user to open the Visio file.In a Web-based attack scenario, an attacker would have to host a Web site that contains a specially crafted Visio file that is used to attempt to exploit this vulnerability. An attacker would then convince a user to open the Visio file. Mitigating Factors An attacker would have no way to force users to visit a malicious web site.An attacker would have no way to force users to visit a malicious web site. The vulnerability cannot be exploited automatically through .The vulnerability cannot be exploited automatically through . Additional Information Microsoft Visio 2010 Viewer is not affected.Microsoft Visio 2010 Viewer is not affected.

Dial In Number Pin: 3750 MS11-061: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE Important1NA Elevation of Privilege Cooperatively disclosed Affected Products Windows Server 2008 R2 x64 Affected Components Remote Desktop Web Access Deployment Priority 3 Main Target Servers running the Remote Desktop Web Access role Possible Attack Vectors In an attack scenario, an attacker could exploit the vulnerability by sending a specially crafted link to the user and convincing the user to click the link.In an attack scenario, an attacker could exploit the vulnerability by sending a specially crafted link to the user and convincing the user to click the link. Impact of Attack An attacker who successfully exploited this vulnerability could inject a client-side script into the user's instance of Internet Explorer. The script could spoof content, disclose information, or take any action that the user could take on the Remote Desktop Web Access site.An attacker who successfully exploited this vulnerability could inject a client-side script into the user's instance of Internet Explorer. The script could spoof content, disclose information, or take any action that the user could take on the Remote Desktop Web Access site. Mitigating Factors The XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack for its users when browsing to a Remote Desktop Web Access server in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9 is not enabled by default in the Intranet Zone.The XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack for its users when browsing to a Remote Desktop Web Access server in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9 is not enabled by default in the Intranet Zone. An attacker would have no way to force a user to visit a malicious site.An attacker would have no way to force a user to visit a malicious site. By Remote Desktop Web Access is not installed by default. When you install Remote Desktop Web Access, Microsoft Internet Information Services (IIS) is also installed as a required component.By Remote Desktop Web Access is not installed by default. When you install Remote Desktop Web Access, Microsoft Internet Information Services (IIS) is also installed as a required component. Additional Information Installation using Server Core are not affected.Installation using Server Core are not affected.

Dial In Number Pin: 3750 MS11-062: Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE ImportantNA1 Elevation of Privilege Cooperatively disclosed Affected Products Windows XP, XP x64, Windows Server 2003, Windows Server 2003 x64, Windows Server 2003 for Itanium Affected Components NDISTAPI.sys Deployment Priority 2 Main Target Workstations Possible Attack Vectors To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the local system.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the local system. Mitigating Factors An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Additional Information The NDISTAPI driver is part of the RAS architecture and interfaces the NDISWAN to TAPI services.The NDISTAPI driver is part of the RAS architecture and interfaces the NDISWAN to TAPI services. There are no workarounds for this update.There are no workarounds for this update.

Dial In Number Pin: 3750 MS11-063: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE Important11 Elevation of Privilege Cooperatively disclosed Affected Products All supported versions of Windows and Windows Server Affected Components Client/Server Run-time Subsystem Deployment Priority 2 Main Target Workstations and Servers Possible Attack Vectors To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application designed to send a device event message to a higher-integrity process.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application designed to send a device event message to a higher-integrity process. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process. Mitigating Factors An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

Dial In Number Pin: 3750 MS11-064: Vulnerabilities in TCP/IP Stack Could Allow Denial of Service ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE Important33 Denial of Service Cooperatively disclosed CVE Important3NA Denial of Service Cooperatively disclosed Affected Products Windows Server 2008 and 2008 x64, Windows Server 2008 for Itanium, Windows Server 2008R2 x64, Windows Server 2008R2 for Itanium Vista, Vista x64, Windows 7 and Windows 7 x64 Affected Components TCP/IP Stack Deployment Priority 2 Main Target Workstations and Servers Possible Attack Vectors A remote unauthenticated attacker could exploit this vulnerability by creating a program to send a sequence of specially crafted ICMP messages to a target system. (CVE )A remote unauthenticated attacker could exploit this vulnerability by creating a program to send a sequence of specially crafted ICMP messages to a target system. (CVE ) In a remote attack scenario, an unauthenticated attacker could exploit this vulnerability by sending a specially crafted URL request to a server that is serving Web content and has URL-based QoS enabled. (CVE )In a remote attack scenario, an unauthenticated attacker could exploit this vulnerability by sending a specially crafted URL request to a server that is serving Web content and has URL-based QoS enabled. (CVE ) Impact of Attack An attacker who successfully exploited this vulnerability could cause the target system to stop responding and automatically restart.An attacker who successfully exploited this vulnerability could cause the target system to stop responding and automatically restart. Mitigating Factors By default, the URL-based Quality of Service feature is not enabled on any Windows operating system. Users would need to manually install this feature in order to be affected by this vulnerability. (CVE )By default, the URL-based Quality of Service feature is not enabled on any Windows operating system. Users would need to manually install this feature in order to be affected by this vulnerability. (CVE ) Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

Dial In Number Pin: 3750 MS11-065: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE ImportantNA3 Denial of Service Cooperatively disclosed Affected Products Windows Server 2003, Windows Server 2003 x64 and Windows Server 2003 for Itanium Windows XP and XP x64 Affected Components Remote Desktop Protocol Deployment Priority 2 Main Target Servers Possible Attack Vectors A remote unauthenticated attacker could exploit this vulnerability by sending a sequence of specially crafted RDP packets to the target system.A remote unauthenticated attacker could exploit this vulnerability by sending a sequence of specially crafted RDP packets to the target system. Impact of Attack An attacker who successfully exploited this vulnerability could cause a user’s system to stop responding and require a restart.An attacker who successfully exploited this vulnerability could cause a user’s system to stop responding and require a restart. Mitigating Factors By default, the Remote Desktop Protocol (RDP) is not enabled on any operating system. On Windows XP and Windows Server 2003, Remote Assistance can enable RDP.By default, the Remote Desktop Protocol (RDP) is not enabled on any operating system. On Windows XP and Windows Server 2003, Remote Assistance can enable RDP. Additional Information Installation using Server Core are affected.Installation using Server Core are affected. Systems that do not have RDP enabled are not at risk.Systems that do not have RDP enabled are not at risk.

Dial In Number Pin: 3750 MS11-066: Vulnerability in Microsoft Chart Control Could Allow Information Disclosure ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE Important3NA Information Disclosure Cooperatively disclosed Affected Products.NET Framework 4.0 on all supported versions of Windows and Windows Server, Chart Control for.NET Framework 3.5 SP1 (Developer Tools) Affected Components Chart Control Deployment Priority 3 Main Target Workstations and Servers Possible Attack Vectors To exploit this vulnerability, an attacker would send a specially crafted GET request to an affected server hosting the Chart controls.To exploit this vulnerability, an attacker would send a specially crafted GET request to an affected server hosting the Chart controls. Impact of Attack An attacker who successfully exploited this vulnerability would be able to read the contents of any file within the web site directory or subdirectories, such as web.config. The web.config file often stores sensitive information.An attacker who successfully exploited this vulnerability would be able to read the contents of any file within the web site directory or subdirectories, such as web.config. The web.config file often stores sensitive information. Mitigating Factors Only web applications using Microsoft Chart Control are affected by this issue. Default installations of the.NET Framework are not affected.Only web applications using Microsoft Chart Control are affected by this issue. Default installations of the.NET Framework are not affected. Additional Information Installation using Server Core are affected in some cases. See bulletin for details.Installation using Server Core are affected in some cases. See bulletin for details..NET 4.0 Client Profiles are not affected..NET 4.0 Client Profiles are not affected.

Dial In Number Pin: 3750 MS11-067: Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE ImportantNA3 Information Disclosure Cooperatively disclosed Affected Products Visual Studio 2005 and 2005 Redistributable Package Affected Components Visual Studio Deployment Priority 3 Main Target Workstations Possible Attack Vectors In an attack scenario, an attacker could exploit the vulnerability by sending an message containing the specially crafted link to the user of the targeted affected server and by convincing the user to click on the specially crafted link.In an attack scenario, an attacker could exploit the vulnerability by sending an message containing the specially crafted link to the user of the targeted affected server and by convincing the user to click on the specially crafted link. In a Web-based attack scenario, an attacker would have to host a Web site that contains a specially crafted link to the targeted affected server that is used to attempt to exploit this vulnerability.In a Web-based attack scenario, an attacker would have to host a Web site that contains a specially crafted link to the targeted affected server that is used to attempt to exploit this vulnerability. Impact of Attack An attacker who successfully exploited this vulnerability could inject a client-side script in the user's browser. The script could then be used to spoof content or disclose sensitive information.An attacker who successfully exploited this vulnerability could inject a client-side script in the user's browser. The script could then be used to spoof content or disclose sensitive information. Mitigating Factors The vulnerability cannot be exploited automatically through .The vulnerability cannot be exploited automatically through . An attacker would have no way to force users to view the attacker-controlled content.An attacker would have no way to force users to view the attacker-controlled content. By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML e- mail messages in the Restricted sites zone, which disables script and ActiveX controls.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML e- mail messages in the Restricted sites zone, which disables script and ActiveX controls. Additional Information By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration

Dial In Number Pin: 3750 MS11-068: Vulnerability in Windows Kernel Could Allow Denial of Service ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE ModerateNANA Denial of Service Cooperatively disclosed Affected Products Vista and x64; Windows Server 2008, x64, and Itanium; Windows 7 and x64; Windows Server 2008 R2 x64 and Itanium Affected Components Kernel Deployment Priority 3 Main Target Workstations Possible Attack Vectors In a Web-based attack scenario, an attacker would have to host a Web site that points to a specially crafted file on a network share. Then, when the user navigates to the Web site, the affected control path is triggered via the Details and Preview panes in Windows Explorer.In a Web-based attack scenario, an attacker would have to host a Web site that points to a specially crafted file on a network share. Then, when the user navigates to the Web site, the affected control path is triggered via the Details and Preview panes in Windows Explorer. In a network-share based attack scenario, an attacker could host a specially crafted file on a network share. Then, when the user navigates to the share in Windows Explorer, the affected control path is triggered via the Details and Preview panes.In a network-share based attack scenario, an attacker could host a specially crafted file on a network share. Then, when the user navigates to the share in Windows Explorer, the affected control path is triggered via the Details and Preview panes. Impact of Attack An attacker who successfully exploited this vulnerability could cause the affected system to restart.An attacker who successfully exploited this vulnerability could cause the affected system to restart. Mitigating Factors The vulnerability cannot be exploited automatically through .The vulnerability cannot be exploited automatically through . An attacker would have no way to force users to view the attacker-controlled content.An attacker would have no way to force users to view the attacker-controlled content. Additional Information Installations using Server Core are not affected.Installations using Server Core are not affected.

Dial In Number Pin: 3750 MS11-069: Vulnerability in.NET Framework Could Allow Information Disclosure ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE ModerateNANA Information Disclosure Cooperatively disclosed Affected Products.NET 2.0, 3.5.1, 4.0 on all supported versions of Windows and Windows Server. Affected Components.NET Framework Deployment Priority 3 Main Target Workstations and Servers Possible Attack Vectors Web browsing: An attacker could host a specially crafted Web site that contains a specially crafted XBAP (XAML browser application) that could exploit this vulnerability and then convince a user to view the Web site.Web browsing: An attacker could host a specially crafted Web site that contains a specially crafted XBAP (XAML browser application) that could exploit this vulnerability and then convince a user to view the Web site. Web hosting: If a Web hosting environment allows users to upload custom ASP.NET applications, an attacker could upload a malicious ASP.NET application that uses this vulnerability to break out of the sandbox used to prevent ASP.NET code from performing harmful actions on the server system.Web hosting: If a Web hosting environment allows users to upload custom ASP.NET applications, an attacker could upload a malicious ASP.NET application that uses this vulnerability to break out of the sandbox used to prevent ASP.NET code from performing harmful actions on the server system. Windows.NET applications: This vulnerability could also be used by Windows.NET applications to bypass Code Access Security (CAS) restrictions.Windows.NET applications: This vulnerability could also be used by Windows.NET applications to bypass Code Access Security (CAS) restrictions. Impact of Attack An attacker who successfully exploited this vulnerability would be able to access information not intended to be exposed.An attacker who successfully exploited this vulnerability would be able to access information not intended to be exposed. This vulnerability could be used by an attacker to direct network traffic from a victim's system to other network resources the victim can access.This vulnerability could be used by an attacker to direct network traffic from a victim's system to other network resources the victim can access. This could also allow an attack to perform a denial of service to any system the victim's system can access or use the victim's system to perform scanning of network resources available to the victim.This could also allow an attack to perform a denial of service to any system the victim's system can access or use the victim's system to perform scanning of network resources available to the victim. Mitigating Factors An attacker would have no way to force users to visit these Web sites.An attacker would have no way to force users to visit these Web sites. In a Web-hosting scenario, an attacker must have permission to upload arbitrary ASP.NET pages to a Web site and ASP.NET must be installed on that Web server.In a Web-hosting scenario, an attacker must have permission to upload arbitrary ASP.NET pages to a Web site and ASP.NET must be installed on that Web server. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration. Additional Information Installations using Server Core are affected in some cases; see bulletin for details.Installations using Server Core are affected in some cases; see bulletin for details..NET and 3.5 are not affected..NET and 3.5 are not affected..NET 4 and.NET 4 Client Profiles are affected..NET 4 and.NET 4 Client Profiles are affected.

Dial In Number Pin: 3750 Detection & Deployment

Dial In Number Pin: 3750 Other Update Information

Dial In Number Pin: 3750 Security Advisories SA : Update Rollup for ActiveX Kill Bits This Advisory contains killbits for the following third-party software products: Check Point SSL VPN On-Demand applications (Check Point Software Technologies)Check Point SSL VPN On-Demand applications (Check Point Software Technologies) ActBar (IBM)ActBar (IBM) EBI R Web Toolkit (Honeywell)EBI R Web Toolkit (Honeywell) All three vendors have issued advisories and/or updates on their sites regarding these issues.

Dial In Number Pin: 3750 Bulletin Re-releases MS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code ExecutionMS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution –Microsoft is rereleasing this bulletin to add Visual Studio 2010 Service Pack 1 and the Visual C Redistributable Package SP1 as Affected Software. –We are also correcting the file verification information for the Visual C SP1 Redistributable Package, the Visual C SP1 Redistributable Package, and the Visual C Redistributable Package. MS11-043: Vulnerability in SMB Client Could Allow Remote Code ExecutionMS11-043: Vulnerability in SMB Client Could Allow Remote Code Execution –This bulletin is being re-released to refine the update’s behavior when performing certain data writes. MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information DisclosureMS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure –This bulletin is being re-released to address additional SKUs.

Dial In Number Pin: 3750 Announcing… The BlueHat Prize: One week after On August 3 at Black Hat, we introduced the BlueHat Prize, to be awarded to promising defensive-security mitigations. Top award? $200,000. The response to the initial announcement has been gratifying… - See a video overview of the announcement with Senior Security Strategist and program architect Katie Moussouris at

Dial In Number Pin: 3750 Windows Malicious Software Removal Tool (MSRT) During this release Microsoft will increase detection capability for the following families in the MSRT:During this release Microsoft will increase detection capability for the following families in the MSRT: –Win32/FakeSysdef: A top rogue that is causing dramatic customer issues. FakeSysdef tends to kill some antimalware solutions, though MSRT is not susceptible. –Win32/FakeSysdef: A top rogue that is causing dramatic customer issues. FakeSysdef tends to kill some antimalware solutions, though MSRT is not susceptible. Win32/FakeSysdef –Win32/Hiloti: Another prevalent trojan downloader. It’s also known for killing certain antimalware packages, though again MSRT is not susceptible. Win32/Hiloti Available as a priority update through Windows Update or Microsoft Update.Available as a priority update through Windows Update or Microsoft Update. Is offered through WSUS 3.0 or as a download at: offered through WSUS 3.0 or as a download at:

Dial In Number Pin: 3750 Questions and Answers Submit text questions using the “Ask” button.Submit text questions using the “Ask” button. Don’t forget to fill out the survey.Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog: Register for next month’s webcast at: recording of this webcast will be available within 48 hours on the MSRC Blog: Register for next month’s webcast at:

Dial In Number Pin: 3750 Resources Blogs Microsoft Security Response Center (MSRC) blog: Security Response Center (MSRC) blog: Security Research & Defense Blog: Research & Defense Blog: Microsoft Malware Protection Center Blog: Malware Protection Center Blog: Twitter Security Centers Microsoft Security Home Page: Security Home Page: TechNet Security Center: Security Center: MSDN Security Developer Center: us/security/default.aspxMSDN Security Developer Center: us/security/default.aspx us/security/default.aspx us/security/default.aspx Microsoft Malicious Software Removal Tool: Malicious Software Removal Tool: Bulletins, Advisories, Notifications & Newsletters Security Bulletins Summary: mary.mspxSecurity Bulletins Summary: mary.mspx mary.mspx mary.mspx Security Bulletins Search: Bulletins Search: Security Advisories: Advisories: Microsoft Technical Security Notifications: Technical Security Notifications: Microsoft Security Newsletter: Security Newsletter: Other Resources Update Management Process: e/patchmanagement/secmod193.mspxUpdate Management Process: e/patchmanagement/secmod193.mspx e/patchmanagement/secmod193.mspx e/patchmanagement/secmod193.mspx Microsoft Active Protection Program Partners: ners.mspxMicrosoft Active Protection Program Partners: ners.mspx ners.mspx ners.mspx