February 2011 Microsoft Security Bulletin Release

Article
02/08/2011

Today, as part of our monthly security bulletin release, we have 12 bulletins addressing 22 vulnerabilities in Microsoft Windows, Office, Internet Explorer, and IIS (Internet Information Services). Three bulletins are rated Critical, and these are the bulletins we recommend for priority deployment:

o MS11-003. This bulletin resolves three critical-level and moderate-level vulnerabilities affecting all versions of Internet Explorer. Due to existing mitigations, this bulletin is only rated at Moderate severity for all versions of Windows Server, has an Exploitability Index rating of 1, and will deprecate Security Advisory 2488013.

o MS11-006. This bulletin addresses one Critical-level vulnerability affecting Windows XP, Vista, Server 2003, and Server 2008. Newer versions of our operating system are unaffected. The vulnerability involves Windows Shell Graphics and could if exploited lead to remote code execution.This has an Exploitability Index rating of 1 and will deprecate Security Advisory 2490606 which we released on January 4^th. Since that time, we have not seen any attacks against this issue.

o MS11-007. This bulletin addresses one privately reported vulnerability affecting all supported versions of Windows and involving the OpenType Compact Font Driver. It's rated Critical for Windows Vista, Windows 7, Server 2008 and Server 2008 R2; it's rated Important for Windows XP and Server 2003. This issue has an Exploitability Index rating of 2.

For all the details see February 2011 Security Bulletin Release

J.C. Hornbeck | System Center Knowledge Engineer

February 2011 Microsoft Security Bulletin Release

Additional resources