Security Advisory - April 12, 2011
Zscaler Provides Protection for Record Setting Microsoft Patch Cycle
Microsoft today deployed their largest patch cycle ever, covering 64 vulnerabilities. Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for 33 web based, client side vulnerabilities included in the April 2011 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with this release and deploy additional protections as necessary.
MS11-018 – Cumulative Security Update for Internet Explorer (2497640)
Severity: Critical
Affected Software
- Windows XP
- Windows 2003 Server
- Windows Vista
- Windows 7
- Windows Server 2008
CVE-2011-0094 Layouts Handling Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page.
CVE-2011-1245 Javascript Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to information in another domain or Internet Explorer zone
CVE-2011-1345 Object Management Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted.
MS11-021 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279)
Severity: Important
Affected Software
- Microsoft Office XP
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2010
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
CVE-2011-0097 Excel Integer Overrun Vulnerability
CVE-2011-0098 Excel Heap Overflow Vulnerability
CVE-2011-0978 Excel Array Indexing Vulnerability
CVE-2011-0979 Excel Linked List Corruption Vulnerability
CVE-2011-0980 Excel Dangling Pointer Vulnerability
CVE-2011-0101 Excel Record Parsing WriteAV Vulnerability
CVE-2011-0103 Excel Memory Corruption Vulnerability
CVE-2011-0104 Excel Buffer Overwrite Vulnerability
CVE-2011-0105 Excel Data Initialization Vulnerability
MS11-022 – Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2489283)
Severity: Critical
Affected Software
- Microsoft Office XP
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2010
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
CVE-2011-0655 Floating Point Techno-color Time Bandit RCE Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files.
CVE-2011-0656 Persist Directory RCE Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files.
CVE-2011-0976 OfficeArt Atom RCE Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files.
MS11-023 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293)
Severity: Important
Affected Software
- Microsoft Office XP
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
CVE-2011-0977 Microsoft Office Graphic Object Dereferencing Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Office handles graphic objects when parsing a specially crafted Office file.
MS11-024 – Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308)
Severity: Critical
Affected Software
- Windows XP
- Windows 2003 Server
- Windows Vista
- Windows 7
- Windows Server 2008
CVE-2010-3974 Fax Cover Page Editor Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that the Windows Fax Cover Page Editor improperly parses specially crafted fax cover pages.
MS11-028 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2484015)
Severity: Critical
Affected Software
- Affected Software
- Windows XP
- Windows 2003 Server
- Windows Vista
- Windows 7
- Windows Server 2008
CVE-2010-3958 .NET Framework Stack Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft .NET Framework handles certain function calls.
MS11-029 – Vulnerability in GDI+ Could Allow Remote Code Execution (2489979)
Severity: Critical
Affected Software
- Windows XP
- Windows 2003 Server
- Windows Vista
- Windows Server 2008
CVE-2011-0041 - GDI+ Integer Overflow Vulnerability
Description: A remote code execution vulnerability exists in the way that GDI+ handles integer calculations.
MS11-033 – Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663)
Severity: Important
Affected Software
- Windows XP
- Windows 2003 Server
CVE-2011-0028 - WordPad Converter Parsing Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft WordPad parses specially crafted Word documents.
MS11-026 – Vulnerability in MHTML Could Allow Information Disclosure (2503658)
Severity: Important
Affected Software
- Windows XP
- Windows 2003 Server
- Windows Vista
- Windows 7
- Windows Server 2008
CVE-2011-0096 MHTML Mime-Formatted Request Vulnerability
Description: An information disclosure vulnerability exists in the way MHTML interprets MIME-formatted requests for content blocks within a document.
MS11-027 – Cumulative Security Update of ActiveX Kill Bits (2508272)
Severity: Critical
Affected Software
- Windows XP
- Windows 2003 Server
- Windows Vista
- Windows 7
- Windows Server 2008
CVE-2010-0811 Microsoft Internet Explorer 8 Developer Tools Vulnerability
Description: A remote code execution vulnerability exists in the ActiveX control, Microsoft Internet Explorer 8 Developer Tools.
CVE-2010-3973 Microsoft WMITools ActiveX Control Vulnerability
Description: A remote code execution vulnerability exists in one of the Microsoft WMITools ActiveX controls.
CVE-2011-1243 Microsoft Windows Messenger ActiveX Control Vulnerability
Description: A remote code execution vulnerability exists in the Microsoft Windows Messenger ActiveX Control.
MS11-032 – Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618)
Severity: Critical
Affected Software
- Windows XP
- Windows 2003 Server
- Windows Vista
- Windows 7
- Windows Server 2008
CVE-2011-0034 - OpenType Font Stack Overflow Vulnerability
Description: A remote code execution vulnerability exists in the way that the OpenType Font (OTF) driver improperly parses specially crafted OpenType fonts.
MS11-034 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)
Severity: Important
Affected Software
- Windows XP
- Windows 2003 Server
- Windows Vista
- Windows 7
- Windows Server 2008