Security

It's Microsoft Patch Tuesday: August 2011

Justin James gathers the information you need to make the right deploy decision when applying Microsoft's August 2011 patches in your organization.

Color me "tickled pink" (I know, that was corny). Microsoft did not release anything out of band since the last Patch Tuesday! What did we, the Windows Systems Administrators of the World, do to deserve this? It's a nice change of pace to see fewer remote code execution attacks and a smaller percentage of the fixes rated "Critical." It also looks like many of the same patches resolve identical or similar issues in different parts of the .NET Framework.

This blog post is also available in PDF format in a TechRepublic download. Falling behind on your patch deployments, catch up with previously published Microsoft Patch Tuesday blog posts.

Security Patches

MS11-043/KB2536276 - Critical (XP, Vista, W7, Embedded Standard 7, 2003, 2008, 2008 R2): This patch resolves a security issue where a server can respond to an SMB request with a malformed response that can trigger remote code execution attacks. There are some known issues with the patch, check the KB article for details. You will want to install the patch immediately. 409KB - 1.5MB MS11-057/KB2559049 - Critical (IE6, IE7, IE8, IE9): Seven security problems in IE (two are publicly disclosed already) are fixed. Some can allow remote code execution attacks by viewing malformed Web pages. Install this patch as soon as you can. 3.8MB - 47.3MB MS11-058/KB2562485 - Critical (2008, 2008 R2)/Important (2003): Problems with Windows DNS server can allow denial-of-service and remote cote execution attacks. DNS servers are often exposed to the public Internet, so it is best to patch ASAP. 263KB - 4.7MB MS11-059/KB2560656 - Important (W7, 2008 R2): Yet another fix for the issue of opening Excel documents that are in the same location on the network as malformed library files. Install this patch on your next normal patch day. 330KB - 634KB MS11-060/KB2560978 - Important (Visio 2007, Visio 2010): A pair of problems is allowing malformed Visio files to perform remote code execution attacks. Install this patch if you have Visio installed. 11.0MB - 18.0MB MS11-061/KB2546250 - Important (2008 R2): Remote Desktop Web Access can allow cross-site scripting attacks to perform escalation of privileges, this patch resolves the problem. There is a minor known problem with this patch, regarding Remote desktop, see the KB article for full information. Install this patch if you use Remote Desktop Web Access. 19KB MS11-062/KB2566454 - Important (XP, 2003): The Remote Access Service NDISTAPI driver has a vulnerability that allows logged-on users to get admin rights (escalation of privileges). This patch fixes the issue. This patch can wait until your regular patch time. 486KB - 995KB MS11-063/KB2567680 - Important (XP, Vista, W7, 2003, 2008, 2008 R2): Logged-on users can take advantage of vulnerabilities in the Client/Server Run-Time Subsystem to escalate their privileges. Install this patch at your normal time. 211KB - 3.8MB MS11-064/KB2563894 - Important (2008, 2008 R2)/Moderate (Vista, W7): ICMP packets sent to Windows machines that use URL-based quality-of-service can be used to perform denial-of-service attacks. You should patch during your scheduled time. 714KB - 1.8MB MS11-065/KB2570222 - Important (2003)/Moderate (XP): Remote Desktop Protocol handling on older versions of Windows can allow denial-of-service attacks to occur. You should install this patch if you have RDP enabled on machines. 550KB - 1.2MB MS11-066/KB2567943/KB2500170 - Important (.NET Framework 4, .NET Framework 3.5): The ASP.NET Chart Controls have a vulnerability where a GET request can be used to expose important system information to the attacker. This patch should be installed on your normal patch schedule for machines exposing IIS and ASP.NET pages. Check the KB articles .NET 4 and .NET 3.5 for known issue details. 110KB - 299KB MS11-067/KB2578230 - Important (Visual Studio 2005, Microsoft Report View 2005): Microsoft Report Viewer can be exploited to reveal sensitive system data when viewing a Web page. If you use these older products, install this patch. 1.0MB - 11.0MB MS11-068/KB2556532 - Moderate (Vista, W7, 2008, 2008 R2): This patch fixes a problem where opening a network share with malformed files can allow denial-of-service attacks. This patch can wait for your normal patch day. 2.0MB - 8.4MB MS11-069/KB2567951 - Moderate (.NET Framework 2.0, .NET Framework 3.5.1, .NET Framework 4): Viewing XAML Browser Applications (XBAPs) can trigger information disclosure attacks, this patch fixes the problem. Install on your usual schedule. 110KB - 2.2MB

Other Updates

KB2468871 - A multipatch update for the .NET 4 Framework to resolve a number of minor bugs. 19.0MB - 27.9MB KB2533523 - vhv 110KB - 299KB KB2563227 - This patch for Vista, W7, 2008, and 2008 R2 fixes an issue with SVG graphics rendering. 113KB - 280KB

"The Usual Suspects": ActiveX Killbits (35KB - 659KB), Updates to the Malicious Software Removal Tool (14.9 - 15.2MB), and the Junk Email Filter (2.1MB).

Changed, but not significantly:

KB2529073 - Fix for USB driver issues in W7 SP1 and 2008 R2 SP1.

Updates since the last Patch Tuesday

  • There were no security updates released out-of-band.
  • Minor items added or updated since the last Patch Tuesday: none.
  • Changed, but not significantly: none.

About

Justin James is the Lead Architect for Conigent.

8 comments
smitty0375
smitty0375

We have several machines running Win7 and Office 2007 that outlook will not authenticate to exchange. Any ideas? Not the profile. I've logged in to a laptop that I've never used that had the issue and it did the same for my account.

michael_boardman
michael_boardman

Update fails, this time with error code 80200053. Click "Get help..." which gives "help" on Windows error 800705b4: why??? Click to go to the troubleshooter, go through the motions, and Windows says it's fixed. Hallelujah! Go through the update process again, and update fails! I can go through the process again, and again, and again, and... oh, you get the picture. Sooner or later, for no apparent reason, they will download. Meantime, I suppose I just hope I don't get hit with something these were supposed to fix.

robertr
robertr

Had a new client contact me and his XP User Profile was corrupted, so Windows built a new profile. I did a System Restore prior to Updates, and his profile came back. I have to attribute to Patch Tuesday because this occurred after updates. He is back up and running. The other User Profile was fine, very strange. First time I have seen this Windows message when starting a User Profile!

tthrush
tthrush

These "patches in a nutshell" articles are quite useful. Not many of us have time to drill into the MS bulletins in depth.

Mark W. Kaelin
Mark W. Kaelin

Are the Microsoft patches giving you trouble this month? Maybe you peers can help - describe the problems you are having.

ChrisHyche@AlabamaOne.Org
ChrisHyche@AlabamaOne.Org

I would check disk space on that machine. Very low disk space can cause profiles to fail loading. If it was close before then the patches could have pushed it over the edge. Just a thought...

Justin James
Justin James

We're glad that folks find them helpful! J.Ja

robertr
robertr

I will check this. I had to order RAM (this is a very old machine w/ only 256MB of RAM barely enough for XP, IMHO not enough, will max it to 1GB). This is the first time I was called by this client, so I have no historic record of machine. Updates did go in with no issue, so I will check disk space when RAM comes in and I install....

Editor's Picks