It's Microsoft Patch Tuesday: August 2011

Justin James gathers the information you need to make the right deploy decision when applying Microsoft's August 2011 patches in your organization.

Color me "tickled pink" (I know, that was corny). Microsoft did not release anything out of band since the last Patch Tuesday! What did we, the Windows Systems Administrators of the World, do to deserve this? It's a nice change of pace to see fewer remote code execution attacks and a smaller percentage of the fixes rated "Critical." It also looks like many of the same patches resolve identical or similar issues in different parts of the .NET Framework.

This blog post is also available in PDF format in a TechRepublic download. Falling behind on your patch deployments, catch up with previously published Microsoft Patch Tuesday blog posts.

Security Patches

MS11-043/KB2536276 - Critical (XP, Vista, W7, Embedded Standard 7, 2003, 2008, 2008 R2): This patch resolves a security issue where a server can respond to an SMB request with a malformed response that can trigger remote code execution attacks. There are some known issues with the patch, check the KB article for details. You will want to install the patch immediately. 409KB - 1.5MB MS11-057/KB2559049 - Critical (IE6, IE7, IE8, IE9): Seven security problems in IE (two are publicly disclosed already) are fixed. Some can allow remote code execution attacks by viewing malformed Web pages. Install this patch as soon as you can. 3.8MB - 47.3MB MS11-058/KB2562485 - Critical (2008, 2008 R2)/Important (2003): Problems with Windows DNS server can allow denial-of-service and remote cote execution attacks. DNS servers are often exposed to the public Internet, so it is best to patch ASAP. 263KB - 4.7MB MS11-059/KB2560656 - Important (W7, 2008 R2): Yet another fix for the issue of opening Excel documents that are in the same location on the network as malformed library files. Install this patch on your next normal patch day. 330KB - 634KB MS11-060/KB2560978 - Important (Visio 2007, Visio 2010): A pair of problems is allowing malformed Visio files to perform remote code execution attacks. Install this patch if you have Visio installed. 11.0MB - 18.0MB MS11-061/KB2546250 - Important (2008 R2): Remote Desktop Web Access can allow cross-site scripting attacks to perform escalation of privileges, this patch resolves the problem. There is a minor known problem with this patch, regarding Remote desktop, see the KB article for full information. Install this patch if you use Remote Desktop Web Access. 19KB MS11-062/KB2566454 - Important (XP, 2003): The Remote Access Service NDISTAPI driver has a vulnerability that allows logged-on users to get admin rights (escalation of privileges). This patch fixes the issue. This patch can wait until your regular patch time. 486KB - 995KB MS11-063/KB2567680 - Important (XP, Vista, W7, 2003, 2008, 2008 R2): Logged-on users can take advantage of vulnerabilities in the Client/Server Run-Time Subsystem to escalate their privileges. Install this patch at your normal time. 211KB - 3.8MB MS11-064/KB2563894 - Important (2008, 2008 R2)/Moderate (Vista, W7): ICMP packets sent to Windows machines that use URL-based quality-of-service can be used to perform denial-of-service attacks. You should patch during your scheduled time. 714KB - 1.8MB MS11-065/KB2570222 - Important (2003)/Moderate (XP): Remote Desktop Protocol handling on older versions of Windows can allow denial-of-service attacks to occur. You should install this patch if you have RDP enabled on machines. 550KB - 1.2MB MS11-066/KB2567943/KB2500170 - Important (.NET Framework 4, .NET Framework 3.5): The ASP.NET Chart Controls have a vulnerability where a GET request can be used to expose important system information to the attacker. This patch should be installed on your normal patch schedule for machines exposing IIS and ASP.NET pages. Check the KB articles .NET 4 and .NET 3.5 for known issue details. 110KB - 299KB MS11-067/KB2578230 - Important (Visual Studio 2005, Microsoft Report View 2005): Microsoft Report Viewer can be exploited to reveal sensitive system data when viewing a Web page. If you use these older products, install this patch. 1.0MB - 11.0MB MS11-068/KB2556532 - Moderate (Vista, W7, 2008, 2008 R2): This patch fixes a problem where opening a network share with malformed files can allow denial-of-service attacks. This patch can wait for your normal patch day. 2.0MB - 8.4MB MS11-069/KB2567951 - Moderate (.NET Framework 2.0, .NET Framework 3.5.1, .NET Framework 4): Viewing XAML Browser Applications (XBAPs) can trigger information disclosure attacks, this patch fixes the problem. Install on your usual schedule. 110KB - 2.2MB

Other Updates

KB2468871 - A multipatch update for the .NET 4 Framework to resolve a number of minor bugs. 19.0MB - 27.9MB KB2533523 - vhv 110KB - 299KB KB2563227 - This patch for Vista, W7, 2008, and 2008 R2 fixes an issue with SVG graphics rendering. 113KB - 280KB

"The Usual Suspects": ActiveX Killbits (35KB - 659KB), Updates to the Malicious Software Removal Tool (14.9 - 15.2MB), and the Junk Email Filter (2.1MB).

Changed, but not significantly:

KB2529073 - Fix for USB driver issues in W7 SP1 and 2008 R2 SP1.

Updates since the last Patch Tuesday

  • There were no security updates released out-of-band.
  • Minor items added or updated since the last Patch Tuesday: none.
  • Changed, but not significantly: none.

About Justin James

Justin James is the Lead Architect for Conigent.

Editor's Picks