علاوه بر اين خبر خوب بايد مديران شبكه بدانند كه 3 عدد از اين بولتن ها در سطح اضطراري يا (Patch NOW) قرار دارند و مي بايست هر چه زودتر اين سه بولتن (MS11-018 و MS11-020 و MS11-026 ) را روي همه كامپيوترهاي شبكه خود نصب كنند. براي اين نقاط ضعف امنيتي بعضا كدهاي سوء استفاده كننده (exploit) هم نوشته شده است.
در صورت عدم توجه به موقع مديران شبكه به اين موضوع مي تواند به فراگيري كرم جديدي مشابه با Conficker/Downadup منجر گردد.
جهت اطلاع بيشتر به جدول زير مراجعه كنيد:
# | Affected | Contra Indications | Known Exploits | Microsoft rating | ISC rating(*) | |
---|---|---|---|---|---|---|
clients | servers | |||||
MS11-018 | Cumulative Security Update for Internet Explorer ( Replaces MS11-003 ) | |||||
Internet Explorer 6-8 CVE-2011-0094 CVE-2011-0346 CVE-2011-1244 CVE-2011-1245 CVE-2011-1345 |
KB 2497640 | ACTIVELY EXPLOITED. | Severity:Critical Exploitability: 1,1,?,3,1 |
PATCH NOW! | Critical | |
MS11-019 | Vulnerabilities in SMB Client Could Allow Remote Code Execution ( Replaces MS10-020 ) | |||||
Windows CVE-2011-0654 CVE-2011-0660 |
KB 2511455 | POC Available. | Severity:Critical Exploitability: 2,1 |
Critical | Critical | |
MS11-020 | Vulnerability in SMB Server Could Allow Remote Code Execution ( Replaces MS10-012 MS10-054 ) | |||||
Windows CVE-2011-0661 |
KB 2508429 | No Known Exploits. | Severity:Critical Exploitability: 1 |
PATCH NOW! | PATCH NOW! | |
MS11-021 | Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution ( Replaces MS10-080 MS10-087 ) | |||||
Office XP SP3-2010, Office 2004-2011 for Mac, Open XML File Format Converter, Excel Viewer SP2, Office Compatibility Pack for 2007 file formats CVE-2011-0097 CVE-2011-0098 CVE-2011-0101 CVE-2011-0103 CVE-2011-0104 CVE-2011-0105 CVE-2011-0978 CVE-2011-0979 CVE-2011-0980 |
KB 2489279 | No Known Exploits. | Severity:Important Exploitability: 1,1,1,2,2,2,1,1,1 |
Important | Important | |
MS11-022 | Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution ( Replaces MS09-017 MS10-036 MS10-087 MS10-088 ) | |||||
PowerPoint CVE-2011-0655 CVE-2011-0656 CVE-2011-0976 |
KB 2489283 | No Known Exploits. | Severity:Important Exploitability: 2,2,1 |
Important | Important | |
MS11-023 | Vulnerabilities in Microsoft Office Could Allow Remote Code Execution ( Replaces MS10-087 ) | |||||
Office XP - 2007, Office 2004 - 2008 for Mac, Open XML File Format Converter CVE-2011-0107 CVE-2011-0977 |
KB 2489293 | POC Available. | Severity:Important Exploitability: 1,2 |
Important | Important | |
MS11-024 | Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution | |||||
Fax Services, Fax Server Role CVE-2010-3974 |
KB 2527308 | POC Available. | Severity:Important Exploitability: 3 |
Critical | Important | |
MS11-025 | Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution | |||||
Visual Studio .NET 2003 - 2010, Visual C++ 2005 - 2010 Redistributable Package CVE-2010-3190 |
KB 2500212 | No Known Exploits. | Severity:Important Exploitability: 1 |
Important | Important | |
MS11-026 | Vulnerability in MHTML Could Allow Information Disclosure | |||||
MHTML CVE-2011-0096 |
KB 2503658 | ACTIVELY EXPLOITED. | Severity:Important Exploitability: 3 |
PATCH NOW! | Important | |
MS11-027 | Cumulative Security Update of ActiveX Kill Bits ( Replaces MS10-034 ) | |||||
Windows XP- 7, Server 2003-2008 CVE-2010-0811 CVE-2010-3973 CVE-2011-1243 |
KB 2508272 | POC Available. | Severity:Critical Exploitability: ?,?,? |
Critical | Critical | |
MS11-028 | Vulnerability in .NET Framework Could Allow Remote Code Execution ( Replaces MS09-061 MS10-060 MS10-077 ) | |||||
.NET framework (all supported version) CVE-2010-3958 |
KB 2484015 | No Known Exploits. | Severity:Critical Exploitability: 1 |
Critical | Critical | |
MS11-029 | Vulnerability in GDI+ Could Allow Remote Code Execution ( Replaces MS09-062 MS10-087 ) | |||||
Windows XP-Vista, Windows Server 2003-2008, Office XP CVE-2011-0041 |
KB 2489979 | No Known Exploits. | Severity:Critical Exploitability: 1 |
Critical | Critical | |
MS11-030 | Vulnerability in DNS Resolution Could Allow Remote Code Execution ( Replaces MS08-020 MS08-037 MS08-066 ) | |||||
Windows XP - 7, Windows Server 2008 CVE-2011-0657 |
KB 2509553 | No Known Exploits. | Severity:Critical Exploitability: 2 |
Critical | Critical | |
MS11-031 | Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution ( Replaces MS09-045 MS10-022 MS11-009 ) | |||||
OpenType Compact Font Format (CFF) driver CVE-2011-0663 |
KB 2514666 | No Known Exploits. | Severity:Critical Exploitability: 2 |
Critical | Important | |
MS11-032 | Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution ( Replaces MS11-007 ) | |||||
OpenType Compact Font Format (CFF) driver CVE-2011-0034 |
KB 2507618 | No Known Exploits. | Severity:Critical Exploitability: 3 |
Critical | Important | |
MS11-033 | Vulnerability in WordPad Text Converters Could Allow Remote Code Execution ( Replaces MS10-067 ) | |||||
Microsoft Wordpad CVE-2011-0028 |
KB 2485663 | No Known Exploits. | Severity:Important Exploitability: 1 |
Important | Important | |
MS11-034 | Elevation of Privilege Vulnerabilities in Windows Kernel-Mode Drivers (Replaces MS10-012 ) | |||||
Kernel Mode Drivers CVE-2011-0662 CVE-2011-0665 CVE-2011-0666 CVE-2011-0667 CVE-2011-0670 CVE-2011-0671 CVE-2011-0672 CVE-2011-0673 CVE-2011-0674 CVE-2011-0675 CVE-2011-0676 CVE-2011-0677 CVE-2011-1225 CVE-2011-1226 CVE-2011-1227 CVE-2011-1228 CVE-2011-1229 CVE-2011-1230 CVE-2011-1231 CVE-2011-1232 CVE-2011-1233 CVE-2011-1234 CVE-2011-1235 CVE-2011-1236 CVE-2011-1237 CVE-2011-1238 CVE-2011-1239 CVE-2011-1240 CVE-2011-1241 CVE-2011-1242 |
KB 2506223 | No Known Exploits. | Severity:Important Exploitability: 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 ,1 , 1 , 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, 1, 1, 1, 3, 1, 1, 1, 1 |
Important | Important |