Security Advisory - January 11, 2011

Zscaler Provides Immediate Vulnerability Protection in the Face of Microsoft Patch Cycle

 

 

Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for a vulnerability within a security bulletin included in the January 2011 Microsoft patch cycle. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections as necessary.

MS11-002 - Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910)

Severity: Critical
Affected Software

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7

CVE-2011-0027 - ADO Record Memory Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft Data Access Components validates memory allocation. This vulnerability could allow code execution if a user visited a specially crafted Web page.