It's Microsoft Patch Tuesday: May 2011

Justin James gathers the information you need to make the right decision on applying Microsoft's May 2011 patches in your organization.

Last month's patches were brutal, but this month is nice and light. Unfortunately, Microsoft slipped in a big pile of out-of-band patches, which were not terribly appreciated given that none of them were security patches!

This blog post is also available in PDF format in a TechRepublic download. Falling behind on your patch deployments, catch up with previously published Microsoft Patch Tuesday blog posts.

Security Patches

MS11-035/KB2524426 - Critical (2003, 2008, 2008 R2): This patch plugs a security hole in the WINS server that is in Windows servers. Malformed WINS packets can allow remote code execution attacks to occur. Even though many, if not most, servers do not have WINS installed anymore and even though WINS should not be going through your firewalls, you will want to install this patch immediately. 218KB - 1.2MB MS11-036/KB2545814 - Important (Office XP, Office 2003, Office 2007, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, Office Compatibility Pack): Malformed PowerPoint files can take advantage of a pair of security holes to perform remote code execution attacks. The attacker is limited to the locally logged-on user's right, but given the prevalence of PowerPoint files, it is best to install this patch as soon as you can. 2.0MB - 7.4MB

Other Updates

KB2529073 - This patch solves a problem where installing SP1 on W7 or 2008 R2 does not update USB drivers under certain circumstances. 313KB - 786KB KB2533552 - If you are getting the "0xC0000034" error when installing SP1 for W7 or 2008 R2, this patch fixes it. 4.0MB - 12.4MB KB2534366 - Similar to the previous patch, this is for error "0xC000009A" when installing SP1 for W7 or 2008 R2. 2.0MB - 4.9MB

"The Usual Suspects": Updates to the Malicious Software Removal Tool (12.9 - 13.3MB) and the Junk Email Filter (2.1MB).

Changed, but not significantly:

  • KB2446709 - Security Update for .NET Framework 3.5.1 on W7 and 2008 R2.
  • KB2449742 - Security Update for .NET Framework 3.5.1 on Vista and 2008.

Updates since the last Patch Tuesday

There were no security updates released out-of-band.

Minor items added or updated since the last Patch Tuesday:

KB2492386 - Improves compatibility with certain games across all Windows OSs. KB2506928 - Fixes an issue with following links in HTML files that have been dragged into Outlook. KB2512715 - Resolves an issue with detecting the OS when installing the Failover Clustering feature. KB2515325 - Provides a reliability update for W7 and 2008 R2. KB982018 - Improves compatibility with Advanced Format Disks with a 4KB physical sector size.

Changed, but not significantly:

  • KB2388210 - Application Compatibility Update for XP, Vista, W7, 2003, 2008, 2008 R2
  • KB2522422 - Cannot print in IE9 with Canon printer's patch
  • KB2524375 - Fix for the fraudulent Comodo certificates problem
  • KB968930 - Windows Management Framework Core package (PowerShell 2.0, WinRM 2.0)
  • KB982519 - Application Compatibility Update for Vista, W7, 2008, and 2008 R2


Justin James is the Lead Architect for Conigent.

Editor's Picks