Microsoft is aware of claims of problems with MS11-011, a security bulletin released by Microsoft in February. We have reviewed the claim and find it to be inaccurate. As described, the issue would require that an attacker already have Administrator-level permissions to the system – and thus, by definition, already have control of it. Users whose accounts are configured to have fewer user rights on the system are not vulnerable to the issue.
Microsoft continues to encourage customers to follow the “Protect Your Computer” guidance of configuring user accounts to have fewer rights on the system, enabling a firewall, applying all software updates, and installing anti-virus and anti-spyware software. Additional information can be found at: www.microsoft.com/protect.