Security Advisory - April 12, 2011

Zscaler Provides Protection for Record Setting Microsoft Patch Cycle

Microsoft today deployed their largest patch cycle ever, covering 64 vulnerabilities. Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for 33 web based, client side vulnerabilities included in the April 2011 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with this release and deploy additional protections as necessary.

MS11-018 – Cumulative Security Update for Internet Explorer (2497640)

Severity: Critical
Affected Software

  • Windows XP
  • Windows 2003 Server
  • Windows Vista
  • Windows 7
  • Windows Server 2008

CVE-2011-0094 Layouts Handling Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page.

CVE-2011-1245 Javascript Information Disclosure Vulnerability

Description: An information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to information in another domain or Internet Explorer zone

CVE-2011-1345 Object Management Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted.

MS11-021 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279)

Severity: Important
Affected Software

  • Microsoft Office XP
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft Office 2004 for Mac
  • Microsoft Office 2008 for Mac
  • Microsoft Office for Mac 2011

CVE-2011-0097 Excel Integer Overrun Vulnerability

CVE-2011-0098 Excel Heap Overflow Vulnerability

CVE-2011-0978 Excel Array Indexing Vulnerability

CVE-2011-0979 Excel Linked List Corruption Vulnerability

CVE-2011-0980 Excel Dangling Pointer Vulnerability

CVE-2011-0101 Excel Record Parsing WriteAV Vulnerability

CVE-2011-0103 Excel Memory Corruption Vulnerability

CVE-2011-0104 Excel Buffer Overwrite Vulnerability

CVE-2011-0105 Excel Data Initialization Vulnerability

MS11-022 – Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2489283)

Severity: Critical
Affected Software

  • Microsoft Office XP
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft Office 2004 for Mac
  • Microsoft Office 2008 for Mac
  • Microsoft Office for Mac 2011

CVE-2011-0655 Floating Point Techno-color Time Bandit RCE Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files.

CVE-2011-0656 Persist Directory RCE Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files.

CVE-2011-0976 OfficeArt Atom RCE Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files.

MS11-023 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293)

Severity: Important
Affected Software

  • Microsoft Office XP
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2004 for Mac
  • Microsoft Office 2008 for Mac

CVE-2011-0977 Microsoft Office Graphic Object Dereferencing Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft Office handles graphic objects when parsing a specially crafted Office file.

MS11-024 – Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308)

Severity: Critical
Affected Software

  • Windows XP
  • Windows 2003 Server
  • Windows Vista
  • Windows 7
  • Windows Server 2008

CVE-2010-3974 Fax Cover Page Editor Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that the Windows Fax Cover Page Editor improperly parses specially crafted fax cover pages.

MS11-028 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2484015)

Severity: Critical
Affected Software

  • Affected Software
  • Windows XP
  • Windows 2003 Server
  • Windows Vista
  • Windows 7
  • Windows Server 2008

CVE-2010-3958 .NET Framework Stack Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft .NET Framework handles certain function calls.

MS11-029 – Vulnerability in GDI+ Could Allow Remote Code Execution (2489979)

Severity: Critical
Affected Software

  • Windows XP
  • Windows 2003 Server
  • Windows Vista
  • Windows Server 2008

CVE-2011-0041 - GDI+ Integer Overflow Vulnerability

Description: A remote code execution vulnerability exists in the way that GDI+ handles integer calculations.

MS11-033 – Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663)

Severity: Important
Affected Software

  • Windows XP
  • Windows 2003 Server

CVE-2011-0028 - WordPad Converter Parsing Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft WordPad parses specially crafted Word documents.

MS11-026 – Vulnerability in MHTML Could Allow Information Disclosure (2503658)

Severity: Important
Affected Software

  • Windows XP
  • Windows 2003 Server
  • Windows Vista
  • Windows 7
  • Windows Server 2008

CVE-2011-0096 MHTML Mime-Formatted Request Vulnerability

Description: An information disclosure vulnerability exists in the way MHTML interprets MIME-formatted requests for content blocks within a document.

MS11-027 – Cumulative Security Update of ActiveX Kill Bits (2508272)

Severity: Critical
Affected Software

  • Windows XP
  • Windows 2003 Server
  • Windows Vista
  • Windows 7
  • Windows Server 2008

CVE-2010-0811 Microsoft Internet Explorer 8 Developer Tools Vulnerability

Description: A remote code execution vulnerability exists in the ActiveX control, Microsoft Internet Explorer 8 Developer Tools.

CVE-2010-3973 Microsoft WMITools ActiveX Control Vulnerability

Description: A remote code execution vulnerability exists in one of the Microsoft WMITools ActiveX controls.

CVE-2011-1243 Microsoft Windows Messenger ActiveX Control Vulnerability

Description: A remote code execution vulnerability exists in the Microsoft Windows Messenger ActiveX Control.

MS11-032 – Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618)

Severity: Critical
Affected Software

  • Windows XP
  • Windows 2003 Server
  • Windows Vista
  • Windows 7
  • Windows Server 2008

CVE-2011-0034 - OpenType Font Stack Overflow Vulnerability

Description: A remote code execution vulnerability exists in the way that the OpenType Font (OTF) driver improperly parses specially crafted OpenType fonts.

MS11-034 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)

Severity: Important
Affected Software

  • Windows XP
  • Windows 2003 Server
  • Windows Vista
  • Windows 7
  • Windows Server 2008

CVE-2011-0662

CVE-2011-1229

CVE-2011-1231

CVE-2011-1237

CVE-2011-1238

CVE-2011-1239

CVE-2011-1241

CVE-2011-1242