Wednesday 10 August 2011

Microsoft Patch Tuesday: Internet Explorer critical updates to Windows DNS

Microsoft Internet Explorer and Windows DNS server, including the fundamental changes affecting two to 13 security bulletins, patching 22 vulnerabilities published throughout the product line.

Fewer updates during the very busy month for system administrators as Microsoft is still marked in August released this month. Adobe Systems Inc. publishes a monthly cycle sets, with seven players Shockwave Flash Player with more than a dozen holes and repair defects in a bug in Flash, on Tuesday night released a security update critical for Media Server.

Two zero-day vulnerabilities in Microsoft Internet Explorer flaws, including seven in the vehicle. MS11-057, according to Microsoft, an attacker who successfully exploited these vulnerabilities, it can have the same rights as the local user. Microsoft, Internet Explorer uses a specially crafted Web page showing the most severe vulnerabilities could allow remote code execution he said.

IE flaws affect all versions of Internet Explorer, including nine as well. Updated IE handles JavaScript handles objects in memory and drivers resolves the errors. For most organizations, the IE update will be applied automatically.

Jason Miller, director of research and development, Shavlik Technologies, VMware, IE and Windows DNS error failures allows cyber criminals to attack a remote system, he said. In the case of a deficit, "the wild, it is important to know as soon as possible," said Miller.

Patch Managers must also address the vulnerabilities on the server side. MS11-058, Windows DNS server resolves two security vulnerabilities. Defects affect a customer request to a DNS server instead of server-side. The relay of the company's DNS server DNS cache is enabled, the system is at risk. Otherwise, the DNS feature is not enabled; users are not at risk, but to be on the safe side not to distribute the said Miller.

Vulnerability in Remote Desktop Protocol from another bulletin MS11-065 stands. The security bulletin was considered important to users of Windows Server 2003; Microsoft said Miller had seen the attacks on the nature of the failure. An attacker can crash the computer system of the victim sends a connection request to a Remote Desktop Protocol malicious fault may become a target.

All security bulletins summarizing the details are available on the Microsoft Security Response Center blog.

Repair defects update Adobe Shockwave Player

Adobe Systems Inc., and the affected system to gain access to sensitive data can be used by an attacker to run malicious code on the Shockwave Player, a critical update released Tuesday, Sept. security vulnerabilities identified.

Adobe also released an update to Flash Player and Flash Media Server. Upgrade Flash Player error than a dozen have been identified. Update, Windows, Macintosh, Linux and Solaris, Android and Flash Player 2.7 and Windows, and Macintosh versions of Adobe AIR for Android affects users of Flash Player.

In the meantime, users of Flash Media Server can cause a denial of service on an affected system to fix a critical vulnerability in Flash Media Server 4.0.3 or 3.5.7 are encouraged to upgrade.

No comments:

Post a Comment