Today, Microsoft posted the Microsoft Security Bulletin Summary for February 2011, which includes updates for Windows, Office, and Internet Explorer. This summary includes the following Bulletin IDs:
- Microsoft Security Bulletin MS11-003 – Cumulative Security Update for Internet Explorer (2482017)
- Microsoft Security Bulletin MS11-006 – Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
- Microsoft Security Bulletin MS11-007 – Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
- Microsoft Security Bulletin MS11-004 – Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
- Microsoft Security Bulletin MS11-005 – Vulnerability in Active Directory Could Allow Denial of Service (2478953)
- Microsoft Security Bulletin MS11-008 – Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)
- Microsoft Security Bulletin MS11-009 – Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)
- Microsoft Security Bulletin MS11-010 – Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
- Microsoft Security Bulletin MS11-011 – Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802
- Microsoft Security Bulletin MS11-012 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
- Microsoft Security Bulletin MS11-013 – Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
- Microsoft Security Bulletin MS11-014 – Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)
Obviously each customer will do their own prioritization of the updates listed above for their environment; however, we have put together a “Bulletin Deployment Priority” chart based on a combination of severity rating, exploitability index rating, available mitigations and workarounds, and range of affected products that you can download and use as you do your assessment, if you choose to. You can also download the February 2011 Security Release ISO Image, which has now been released.
Tomorrow at 11:00 am PST, we will be conducting the February Security Bulletin Webcast and you can register for the February Security Bulletin Webcast in order to join us for this. If you are unable to join us for tomorrow’s webcast at 11:00 am PST, you can view a recording of the webcast and can find out more about this HERE. Interested in learning how to receive automatic notifications whenever Microsoft security bulletins are issued? You can find out more HERE.
When it comes to applying security updates, remember that:
- Customers in the U.S. and Canada can receive technical support from Security Support or 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. For more information about available support options, see Microsoft Help and Support.
- International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit International Help and Support.
Thank you and have a wonderful day,
Eric Ligman – Follow me on TWITTER, LinkedIn, and RSS and see “What I’m thinking”
Global Partner Experience Lead
Microsoft Worldwide Partner Group
This posting is provided "AS IS" with no warranties, and confers no rights