Softpedia
 


August 10th, 2011, 17:00 GMT

Microsoft Expects to See Exploits for Critical IE Flaws Within 30 Days

New IE vulnerabilities likely to be exploited
Microsoft expects reliable exploits to be created in the next thirty days for the critical Internet Explorer vulnerabilities patched this Tuesday.

The MS11-057 IE security bulletin addresses seven security vulnerabilities that affect all versions of the browser on all supported Windows flavors.

Five of the flaws were reported privately to Microsoft and two were disclosed publicly. Their severity ratings range from important to critical.

Fortunately, the two publicly reported vulnerabilities do not facilitate remote code execution and can only lead to information disclosure.

According to Microsoft's vulnerability exploitability index, MS11-057 has the highest score with the note "likely to see reliable exploits developed within next 30 days."

This means users should deploy the patches immediately, especially since the flaws facilitate drive-by download attacks that can compromise a computer merely by visiting a page.

Another security bulletin rated as critical, MS11-058, covers two vulnerabilities in Microsoft's DNS Service. One of them can be leveraged by attackers to execute arbitrary code on Windows Server 2008 and Windows Server 2008 R2 systems.

Even though this vulnerability has a critical impact, its exploitability index is low because the attacker needs to trick a legitimate DNS server into making requests to a rogue one.

"One common affected configuration is a caching or relay DNS server on a corporate network where a malicious user is lurking. Less likely to be affected are authoritative DNS servers hosting zones exposed to the Internet, where recursion is often disabled," the Microsoft security engineers explain.

Other security vulnerabilities were patched in the Windows Client/Server Run-time Subsystem (MS11-063), the Remote Access Service NDISTAPI Driver (MS11-062), the TCP/IP stack (MS11-064), the Remote Desktop Protocol (MS11-065), Visio (MS11-060), the Chart Web Control (MS11-066), the Report Viewer Web Control (MS11-067), the Remote Desktop Web Access Login Page (MS11-061), the Data Access Components (MS11-059), the Windows kernel (MS11-068) and the .NET Framework (MS11-069).
