This month Microsoft released eight bulletins (MS11-075 - MS11-082). Secunia has rated five of the them as “Highly Critical”, Microsoft has rated two as “Critical” and the rest as “Important”. For seven of the bulletins at least one of the vulnerabilities has received a rating of “1” in the Microsoft Exploitability Index for one or more of the affected products. Microsoft describes a “1” as “Consistent exploit code likely”.
In the table below you will find an overview of the Microsoft Bulletins and the corresponding Secunia Advisories, as well as the ratings from both Microsoft and Secunia.
|MS KB||CVE(s)||Secunia Rating||MS Rating||Microsoft
|MS11-080||SA46401||KB2592799||CVE-2011-2005||Less||Important||N/A, 1||Local System|
|High||Moderate - Critical||1,1 1,1
Note: The first digit in the “Microsoft Exploitability Index” refers to the latest version of the affected product. The second digit refers to older versions. See “Microsoft Security Bulletin Summary for October” for more details. N/A implies that either older or newer products are not affected or covered by the index.
Five of the bulletins should receive immediate attention (SA46404, SA46405, SA46606, SA46400, and SA46402) as these all allow execution of arbitrary code and one or more vulnerabilities fixed by each update has an “Exploitability Index” rating of “1”. This implies that Microsoft finds it likely that attackers can develop reliable exploit code.
SA46401 addresses a Privilege Escalation vulnerability and should be considered a “defence in depth” update. Therefore it is strongly recommended to apply this update as it can be exploited to gain elevated privileges on certain version of Windows. However, it is not as urgent as the vulnerabilities with a remote vector.
SA46403 only affects special configurations or systems running third party programs which utilise the Active Accessibility COM object. Therefore it is unlikely that this vulnerability would be exploited on a large scale.