
Microsoft has updated the following security bulletins:

- MS11-025 - Important: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212) - Version: 2.1
- MS11-024 - Important: Vulnerabilities in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308) - Version: 1.2
- MS11-020 - Critical: Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) - Version: 1.1



MS11-025 - Important: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212) - Version: 2.1
Severity Rating: Important - Revision Note: V2.1 (April 27, 2011): Corrected the bulletin replacement information and clarified the update FAQ entry, "Will I be offered this update even if I have no suitable attack vectors on my system?"

Summary: This security update resolves a publicly disclosed vulnerability in certain applications built using the Microsoft Foundation Class (MFC) Library. The vulnerability could allow remote code execution if a user opens a legitimate file associated with such an affected application, and the file is located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by the affected application.

MS11-024 - Important: Vulnerabilities in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308) - Version: 1.2
Severity Rating: Important - Revision Note: V1.2 (April 27, 2011): Corrected the severity table and vulnerability section to add CVE-2010-4701 as a vulnerability addressed by this update. This is an informational change only.

Summary: This security update resolves two publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opened a specially crafted fax cover page file (.cov) using the Windows Fax Cover Page Editor. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS11-020 - Critical: Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) - Version: 1.1
Severity Rating: Critical - Revision Note: V1.1 (April 27, 2011): Corrected the bulletin replacement information for all supported editions of Windows Vista and Windows Server 2008.

Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities.