November turned out to be a relatively light month for Microsoft security patches as only four total vulnerabilities were addressed. Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for one of those issues, a vulnerability in a Windows Address Book Component. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections as necessary.
MS11-085 –Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution (2620704)
- Windows Vista
- Windows Server 2008
- Windows 7
CVE-2011-2016 - Windows Mail Insecure Library Loading Vulnerability
Description: A remote code execution vulnerability exists in the way that Windows Mail and Windows Meeting Space handle the loading of DLL files.