Patch Tuesday August 2011 - 13 updates, 22 vulnerabilities

by Chester Wisniewski on August 10, 2011 | 3 Comments

Filed Under: Adobe Flash, Vulnerability, Windows

Microsoft Security Response logoMicrosoft released 13 bulletins today, which is quite large for a summer Patch Tuesday, but only two of these bulletins were critical. There are nine rated important and two rated as moderate.

The first critical bulletin, MS11-057, affects Internet Explorer and patches seven vulnerabilities. Two of these vulnerabilities were disclosed publicly and are rated moderate. The other five, disclosed privately, could allow remote code execution (RCE) and are thus automatically rated critical.

The other critical bulletin, MS11-058, impacts Windows DNS servers. A specially crafted DNS record in combination with a request to a vulnerable server could lead to remote code execution (RCE).

SophosLabs has rated both of these vulnerabilities as high, as well as a bulletin on Microsoft Data Access Components and Microsoft Visio which Microsoft has rated important.

Other Microsoft components that were patched include Visual Studio, .NET, RDP, Windows Kernel and the TCP/IP stack. Microsoft's advisories can be found on the MSRC blog.

Adobe logoAdobe has also released its Patch Tuesday bulletins today.

Adobe has published the details of these bulletins on its PSIRT blog and SophosLabs has rated the threat level of the Flash Player fixes as high.

As always it is important to deploy these fixes as soon as possible. Fortunately there are only five bulletins SophosLabs considers high risk, so we can get those out there quickly and start preparing for next month.

Tags: , , , , , , , , ,

3 Responses to Patch Tuesday August 2011 - 13 updates, 22 vulnerabilities

  1. @maseck says:
    August 10, 2011 at 11:53 am

    For some reason, I think people will look at me weird if I wish them a "happy patch Tuesday". I have a feeling that anybody who know what patch Tuesday is will give me an extra weird look.

    Reply Report comment
  2. rntra64 says:
    August 10, 2011 at 2:23 pm

    Wow! Thank you! That is great that you posted these! Appreciate it!! :)

    Reply Report comment
  3. roy jones jr says:
    September 12, 2011 at 5:56 pm

    Happy Patch Tuesday! What, do people actually think that computers shouldn't be protected? Am I missing something?

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski or send him an email at chesterw@sophos.com.