Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Microsoft > Patches and Vulnerabilities

May 11th, 2011, 09:23 GMT · By

Microsoft Patches 3 Vulnerabilities in Windows and Office (May 2011)

SHARE:

Adjust text size:


Windows Update
Enlarge picture
Slow month for Microsoft, patch-wise, with just two security bulletins available in May 2011, designed to plug only three holes in Windows and Office.

As revealed in the Advanced Notification that the software giant made public last week, only one of the two patch packages this month carries a rating of Critical.

Obviously, Microsoft Security Bulletin MS11-035 is also considered a priority as far as deployment goes, but customers should consider deploying all the May 2011 security updates as soon as possible in order to render useless any potential exploits.

“MS11-035 (WINS or Windows Internet Name Server): This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS),” reveals Pete Voss, Sr. Response Communications Manager Microsoft Trustworthy Computing.

“The vulnerability could allow remote code execution if a user received specially crafted malware on an affected system running the WINS service. By default, WINS is not installed on any affected operating system. Only customers who manually install this component are affected by this issue and will be offered the update.”

The remaining security bulletin, MS11-036 fixes a couple of vulnerabilities in PowerPoint, but despite the fact that it allows for remote code execution, it has been rated only Important in terms of the risks that customers are exposed to.

“The vulnerabilities could allow remote code execution if a user opens a specially crafted malicious PowerPoint file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as a logged-on user,” Voss stated.

“Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

Customers running Windows 7 SP1 or Office 2010 will not have to deploy any security patches this month, since neither of the two security bulletins released by Microsoft this week impacts their products.

TELL US WHAT YOU THINK:

1,672 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


IT Camp Conference Focuses on Microsoft IT Pro and Dev Technologies
Windows Home Server 2011 RTM Evaluation Experience Live
Download Google Chrome 12.0 Beta Build 12.0.742.30
Fuzz Testing Essential in Bulletproofing Office 2010
Just 2 Patches Coming Up, None for Windows 7 SP1, Office 2010 or IE9

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use