Patch tuesday for January 2011

Status
Not open for further replies.

bogdan

Level 1
Thread author
Jan 7, 2011
1,362
Microsoft released two patches fixing three vulnerabilities. The first patch (MS11-001) fixes a vulnerability in Windows Backup Manager that could allow remote code execution. It affects Windows Vista Operating system. The second (MS11-002) patch fixes two vulnerabilities in Microsoft Data Access Components (MDAC) that could allow remote code execution as well. This affects all versions of Windows.

What didn't get fixed?

Microsoft didn't released a patch for two well known vulnerabilities, but fortunately they offered a workaround for each one.

The first one is known as Vulnerability in Graphics Rendering Engine (link). This bug is caused by a remotely exploitable flaw in the way that Windows processes thumbnail images in Microsoft Office files. It doesn't affect Windows 7 but it affects other versions and working exploits are known to exist. This Microsoft KB article offers the workaround in the form of "FixIt" buttons. All but Windows 7 users should apply this patch.

The second unpatched vulnerability is the Internet Explorer CSS vulnerability (link) affecting all versions of IE and actively being exploited. Microsoft first recommended enabling EMET for IE to block aspects of the known exploits from being successful. Later they offered a much easier to apply solution in this Microsoft KB article in the form of another "FixIt" button. All Windows users should apply this patch
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top