2011 is certainly starting off pretty quietly as far as patch deployments go, with Microsoft releasing just a couple of security bulletins designed to resolve a total of three vulnerabilities across various supported versions of Windows client and server.
The security updates went live on January 11th, 2011 as a part of the company’s normal patch cycle and are now available to customers worldwide.
As previously announced
, neither of the two January 2011 security bulletins are designed to address two recently confirmed zero-day issues affecting the Windows Graphics Rendering Engine and Internet Explorer. MS11-001
can be considered the first security bulletin of 2011, considering the official label. This particular patch package is designed to deal with a single security vulnerability impacting Windows Vista.
According to Microsoft, the hole in Windows Backup Manager has been rated as Important, despite the fact that a successful exploit could allow an attacker to perform remote code execution. MS11-002
is set up to resolve two security vulnerabilities in Microsoft Data Access Components. All supported versions of Windows are affected, including Windows 7.
“Microsoft has not seen active attacks seeking to exploit any of the vulnerabilities, but as always, encourages customers to test and deploy all updates as soon as possible to help prevent criminal attacks.
“In particular, Microsoft recommends that systems administrators prioritize deployment of the following Critical bulletin: MS11-002 addresses two vulnerabilities in Microsoft Windows,” revealed Jerry Bryant, group manager, response communications, Microsoft.
Even no active attacks or Proof of Concept (PoC) code were discovered in the wild, the Redmond company still recommends that customers running Windows patch as soon as possible.
Bryant is featured in a video on the software giant’s official corporate security response blog
providing additional details related to the security bulletins released this January as well as the vulnerabilities they’re designed to patch.