Security Advisory - September 13, 2011
Zscaler Provides Immediate Vulnerability Protection for September 2011 Microsoft Patch Cycle
Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for thirteen web-based vulnerabilities included in the September 2011 Microsoft patch cycle. Zscaler will continue to monitor exploits associated with this release and deploy additional protections as necessary.
MS11-071 – Vulnerability in Windows Components Could Allow Remote Code Execution (KB2570947)
Severity: Important
Affected Software
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
CVE-2011-1991 – Windows Components Insecure Library Loading Vulnerability
Description: A remote code execution vulnerability exists in the way that certain Windows components handle the loading of DLL files.
MS11-072 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (KB2587505)
Severity: Important
Affected Software
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2010
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
- Microsoft Office SharePoint Server 2007
- Microsoft Office SharePoint Server 2010
- Microsoft Office Web Apps 2010
CVE-2011-1986 – Excel Use after Free WriteAV Vulnerability
CVE-2011-1987 – Excel Out of Bounds Array Indexing Vulnerability
CVE-2011-1988 – Excel Heap Corruption Vulnerability
CVE-2011-1989 – Excel Conditional Expression Parsing Vulnerability
CVE-2011-1990 – Excel Out of Bounds Array Indexing Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Excel handles specially crafted Excel files.
MS11-073 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (KB2587634)
Severity: Important
Affected Software
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2010
CVE-2011-1982 – Office Uninitialized Object Pointer Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Office handles specially crafted Word files.
MS11-074 – Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (KB2451858)
Severity: Important
Affected Software
- Microsoft Office Groove 2007
- Microsoft SharePoint Workspace 2010
- Microsoft Office Forms Server 2007
- Microsoft Office SharePoint Server 2007
- Microsoft Office SharePoint Server 2010
- Microsoft Office Groove Data Bridge Server 2007
- Microsoft Office Groove Management Server 2007
- Microsoft Groove Server 2010
- Microsoft Windows SharePoint Services 2.0
- Microsoft Windows SharePoint Services 3.0
- Microsoft SharePoint Foundation 2010
- Microsoft Office Web Apps 2010
CVE-2011-0653 – XSS in SharePoint Calendar Vulnerability
Description: A cross-site scripting vulnerability exists in Microsoft SharePoint 2010 that could result in information disclosure or elevation of privilege if a user clicks a specially crafted URL containing malicious JavaScript elements.
CVE-2011-1252 – HTML Sanitization Vulnerability
Description: An information disclosure vulnerability exists in the way that the SafeHTML function sanitizes HTML.
CVE-2011-1890 – Editform Script Injection Vulnerability
Description: A cross-site scripting, information disclosure, and elevation of privilege vulnerability exists in Microsoft SharePoint 2010 and Microsoft Foundation 2010 if a user visits a specially crafted Web site. Due to the vulnerability, malicious JavaScript can be injected into a post made to a targeted SharePoint site.
CVE-2011-1891 – Contact Details Reflected XSS Vulnerability
Description: A cross-site scripting vulnerability in Microsoft SharePoint could allow an attacker to gain control over valid user accounts, perform operations on the user's behalf, redirect the user to malicious sites, or steal user credentials.
CVE-2011-1892 – SharePoint Remote File Disclosure Vulnerability
Description: A file disclosure vulnerability exists in Microsoft Office SharePoint that could allow a malicious authenticated user to use a specially crafted XML file to gain read-only access to a local file on the SharePoint server under the security context of the account running SharePoint.
CVE-2011-1893 – SharePoint XSS Vulnerability
Description: A cross-site scripting, information disclosure, and elevation of privilege vulnerability exists in Microsoft SharePoint Server and Windows SharePoint Services where JavaScript that is encoded in a specially crafted URL can be reflected back to the user in the resulting page, allowing an attacker to issue SharePoint commands in the context of the authenticated user on a targeted SharePoint site.