
Microsoft updated the following two security bulletins:

- MS11-019 - Critical: Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455) - Version: 1.1
- MS11-017 - Important: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062) - Version: 1.3



MS11-019 - Critical: Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455) - Version: 1.1
Severity Rating: Critical - Revision Note: V1.1 (April 13, 2011): Clarified the vulnerability description in the Executive Summary.

Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit the vulnerability, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server.

MS11-017 - Important: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062) - Version: 1.3
Severity Rating: Important - Revision Note: V1.3 (April 13, 2011): Corrected the bulletin replacement information for Remote Desktop Connection 6.0 Client on supported editions of Windows Server 2003 and Remote Desktop Connection 6.1 Client on supported editions of Windows Vista. This is a bulletin change only. There were no changes to the detection or security update files.

Summary: This security update resolves a publicly disclosed vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.