Posts

Microsoft Security Bulletin Coverage (July 12, 2011)

SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of July, 2011. A list of issues reported, along with SonicWALL coverage information follows:

MS11-053 Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)

  • Bluetooth Stack Vulnerability – CVE-2011-1265
    Attacks targeting this vulnerability would occur over Bluetooth.

MS11-054 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917)

  • Win32k Use After Free Vulnerability – CVE-2011-1874
    This is a local vulnerability.
  • Win32k Use After Free Vulnerability – CVE-2011-1875
    This is a local vulnerability.
  • Win32k Use After Free Vulnerability – CVE-2011-1876
    This is a local vulnerability.
  • Win32k Use After Free Vulnerability – CVE-2011-1877
    This is a local vulnerability.
  • Win32k Use After Free Vulnerability – CVE-2011-1878
    This is a local vulnerability.
  • Win32k Use After Free Vulnerability – CVE-2011-1879
    This is a local vulnerability.
  • Win32k Null Pointer De-reference Vulnerability – CVE-2011-1880
    This is a local vulnerability.
  • Win32k Null Pointer De-reference Vulnerability – CVE-2011-1881
    This is a local vulnerability.
  • Win32k Use After Free Vulnerability – CVE-2011-1882
    This is a local vulnerability.
  • Win32k Use After Free Vulnerability – CVE-2011-1883
    This is a local vulnerability.
  • Win32k Use After Free Vulnerability – CVE-2011-1884
    This is a local vulnerability.
  • Win32k Null Pointer De-reference Vulnerability – CVE-2011-1885
    This is a local vulnerability.
  • Win32k Incorrect Parameter Validation Allows Information Disclosure Vulnerability – CVE-2011-1886
    This is a local vulnerability.
  • Win32k Null Pointer De-reference Vulnerability – CVE-2011-1887
    This is a local vulnerability.
  • Win32k Null Pointer De-reference Vulnerability – CVE-2011-1888
    This is a local vulnerability.

MS11-055 Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847)

  • Microsoft Visio Insecure Library Loading Vulnerability – CVE-2011-3148
    IPS 5726 Possible Binary Planting Attempt

MS11-056 Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)

  • CSRSS Local EOP AllocConsole Vulnerability – CVE-2011-1281
    This is a local vulnerability.
  • CSRSS Local EOP SrvSetConsoleLocalEUDC Vulnerability – CVE-2011-1282
    This is a local vulnerability.
  • CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability – CVE-2011-1283
    This is a local vulnerability.
  • CSRSS Local EOP SrvWriteConsoleOutput Vulnerability – CVE-2011-1284
    This is a local vulnerability.
  • CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability – CVE-2011-1870
    This is a local vulnerability.