Microsoft Security Bulletins Coverage (Feb 08, 2011)

SonicWALL has analyzed and addressed Microsoft's security advisories for the month of February, 2011. A list of issues reported, along with SonicWALL coverage information follows:

MS11-003 Cumulative Security Update for Internet Explorer (2482017)

CVE-2010-3971 - CSS Memory Corruption Vulnerability
IPS 6094 MS IE CSS Import Use-After-Free Code Execution Exploit 1
IPS 6095 MS IE CSS Import Use-After-Free Code Execution Exploit 2
IPS 6096 MS IE CSS Import Use-After-Free Code Execution Exploit 3
IPS 6098 MS IE CSS Import Use-After-Free Attempt
CVE-2011-0035 - Uninitialized Memory Corruption Vulnerability
This is a logical vulnerability. No IPS detection solution is available.
CVE-2011-0036 - Uninitialized Memory Corruption Vulnerability
IPS 6223 MS IE DHTML Object Memory Corruption (MS11-003)
CVE-2011-0038 - Internet Explorer Insecure Library Loading Vulnerability
IPS 5726 Possible Binary Planting Attempt

MS11-004 Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)

CVE-2010-3972 - IIS FTP Service Heap Buffer Overrun Vulnerability
IPS 6101 MS IIS FTP Server DoS Vulnerability

MS11-005 Vulnerability in Active Directory Could Allow Denial of Service (2478953)

CVE-2011-0040 - Active Directory SPN Validation Vulnerability
This is a local vulnerability. No IPS detection solution is available.

MS11-006 Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)

CVE-2010-3970 - Windows Shell Graphics Processing Overrun Vulnerability
IPS 6119 MS Graphics Rendering Thumbnail Stack BO Exploit

MS11-007 Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)

CVE-2011-0033 - OpenType Font Encoded Character Vulnerability
GAV 39973 OpenType.MS11-007

MS11-008 Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)

CVE-2011-0092 - Visio Object Memory Corruption Vulnerability
This is a logical vulnerability. No IPS detection solution is available.
CVE-2011-0093 - Visio Data Type Memory Corruption Vulnerability
This is a logical vulnerability. No IPS detection solution is available.

MS11-009 Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)

CVE-2011-0031 - Scripting Engines Information Disclosure Vulnerability
IPS 6224 Possible Scripting Engine Memory Corruption Attack

MS11-010 Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)

CVE-2011-0030 - CSRSS Elevation of Privilege Vulnerability
This is a local vulnerability. No IPS detection solution is available.

MS11-011 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)

CVE-2010-4398 - Driver Improper Interaction with Windows Kernel Vulnerability
This is a local vulnerability. No IPS detection solution is available.
CVE-2011-0045 - Windows Kernel Integer Truncation Vulnerability
This is a local vulnerability. No IPS detection solution is available.

MS11-012 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)

CVE-2011-0086 - Win32k Improper User Input Validation Vulnerability
This is a local vulnerability. No IPS detection solution is available.
CVE-2011-0087 - Win32k Insufficient User Input Validation Vulnerability
This is a local vulnerability. No IPS detection solution is available.
CVE-2011-0088 - Win32k Window Class Pointer Confusion Vulnerability
This is a local vulnerability. No IPS detection solution is available.
CVE-2011-0089 - Win32k Window Class Improper Pointer Validation Vulnerability
This is a local vulnerability. No IPS detection solution is available.
CVE-2011-0090 - Win32k Memory Corruption Vulnerability
This is a local vulnerability. No IPS detection solution is available.

MS11-013 Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)

CVE-2011-0043 - Kerberos Unkeyed Checksum Vulnerability
This is a local vulnerability. No IPS detection solution is available.
CVE-2011-0091 - Kerberos Spoofing Vulnerability
This is a local vulnerability. No IPS detecti
on solution is available.

MS11-014 Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)

CVE-2011-0039 - LSASS Length Validation Vulnerability
This is a local vulnerability. No IPS detection solution is available.

Share This Article

An Article By

Security News

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.