Windows XP Sp3, Event 516, mfehdik, SLL-API, memory Leak, crypt32.dll | Adobe Flash 11 / 11.0.1.152 Silent Install and Migration from 10.X

Microsoft Patchday October 2011, 11.10.2011/12.10.2011

by butsch 12. October 2011 13:43

Uebersicht aller Patche:

http://technet.microsoft.com/en-us/security/bulletin/ms11-oct

Einstufung der Patche nach Wichtigkeit und wann etwas passieren könnte:

http://blogs.technet.com/b/srd/archive/2011/10/11/assessing-the-risk-of-the-october-2011-security-updates.aspx

Bulletin	Most likely attack vector	Max Bulletin Severity	Max Exploit-ability	Likely first 30 days impact	Platform mitigations and key notes
MS11-081 (Internet Explorer)	Victim browses to a malicious website.	Critical	1	Likely to see reliable exploits developed in the next 30 days.
MS11-078 (Silverlight, .NET framework)	Victim browses to a malicious webpage with Silverlight-enabled browser.	Critical	1	Likely to see reliable exploits for Silverlight 3 in next 30 days.	Underlying issue present in .NET Framework and later versions of Silverlight (4+) but more difficult to exploit for code execution.
MS11-077 (Win32k.sys)	Attacker logged-in to a machine locally exploits vulnerability to elevate to a higher privilege level.	Important	1	Likely to see an exploit developed for local elevation of privilege in next 30 days.
MS11-080 (AFD.sys)	Attacker logged-in to a machine locally exploits vulnerability to elevate to a higher privilege level.	Important	1	Likely to see an exploit developed for local elevation of privilege in next 30 days.	Vista and later platforms not affected due to IO manager hardening.
MS11-075 (DLL Preloading)	Victim browses to a malicious WebDAV share and launches an application by double-clicking a content file hosted on the attacker-controlled WebDAV share.	Important	1	Likely to see reliable exploits developed in the next 30 days.
MS11-076 (DLL Preloading)	Victim browses to a malicious WebDAV share and launches an application by double-clicking a content file hosted on the attacker-controlled WebDAV share.	Important	1	Likely to see reliable exploits developed in the next 30 days.
MS11-079 (Forefront Unified Access Gateway [UAG])	Attackers sends malicious XSS link to a Forefront UAG administrator. Admin clicks link which takes action on the UAG portal in the admin’s context.	Important	1	Likely to see exploit for information disclosure released in next 30 days.
MS11-082 (Host Integration Server)	Attacker sends malicious stream of network packets to Host Integration Service causing a denial of service.	Important	3	Any exploit developed could only be used for denial of service.

2a4d33b7-7aa2-41e7-9f96-d2e0cecb81ca|0|.0|27604f05-86ad-47ef-9e05-950bb762570c

Tags:

Deployment | Hotfixes / Updates | WSUS

GPO: Windows 7 disable Control Panel Icons items with GPOHow to disable certain Control Items/Icons for enduser. As good example would be Bit locker which yo...Microsoft October 2014 Windows Updates problemsSeveral customers had problems with Windows Updates: KB 2952664 KB 2949927 KB 2995388 (APPV, Fron...M365/Hybrid Exchange Setup: Steps to verify on-premise, Prepare for Directory Synchronization (IDFIX, UPN, Proxyaddress) TIP: Cleanup everything LOCAL before you even think of moving anything to M365 or Azure or ev

Comments are closed

Werbung von Drittfirmen (Nicht Butsch Informatik):

Microsoft Patchday October 2011, 11.10.2011/12.10.2011

Related posts

PostList

VMWARE Workspace One, iPhone, iOS 17, Enterprise Wipe after Update. Issue known since 07.07.2023

Powershell, Retrieve DisplayName,DisplayVersion,Publisher from Registry or export.REG

Eventviewer, eventvwr.exe commandline filter XML query buildingm (Call and pre filter view with one line)

Azure Application Proxy | Die Eierlegende kostenlose Woll-Milch-Sau um on-premises Server extern erreichbar zu machen

02.07.2023, CITRIX 0-DAY, Pre Authentication XSS in Citrix Gateway (CVE-2023-24488)

M365/CLOUD, watch Microsoft status LIVE | See who has high volume traffic at homeoffice

M365/Azure, Full Hybrid Mode, M365 user unable to see free/Busy Room/meeting or book on-premise

M365/Exchange Hybrid OAuth Testing command, OAuth-Cert out-of-sync 4001, IIS VDIR OAuth wrong

Exchange 2013, 2016, 2019, Event 3028, KILLBIT error, you can safely ignore since 2014

M365 | on-premise, Outlook.exe DEBUG logging for troubleshooting complete guide

Microsoft Patchday October 2011, 11.10.2011/12.10.2011

Related posts

CategoryList

PostList

VMWARE Workspace One, iPhone, iOS 17, Enterprise Wipe after Update. Issue known since 07.07.2023

Powershell, Retrieve DisplayName,DisplayVersion,Publisher from Registry or export.REG

Eventviewer, eventvwr.exe commandline filter XML query buildingm (Call and pre filter view with one line)

Azure Application Proxy | Die Eierlegende kostenlose Woll-Milch-Sau um on-premises Server extern erreichbar zu machen

02.07.2023, CITRIX 0-DAY, Pre Authentication XSS in Citrix Gateway (CVE-2023-24488)

M365/CLOUD, watch Microsoft status LIVE | See who has high volume traffic at homeoffice

M365/Azure, Full Hybrid Mode, M365 user unable to see free/Busy Room/meeting or book on-premise

M365/Exchange Hybrid OAuth Testing command, OAuth-Cert out-of-sync 4001, IIS VDIR OAuth wrong

Exchange 2013, 2016, 2019, Event 3028, KILLBIT error, you can safely ignore since 2014

M365 | on-premise, Outlook.exe DEBUG logging for troubleshooting complete guide