Patch Tuesday

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.236)

XML data version = 2.0.0.0236 Last modified on 5/10/2011

Security

– Added MS11-035(Q2524426): Vulnerability in WINS Could Allow Remote Code Execution (2524426)

– Added MS11-036(Q2545814): Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814)

– Added NTCK-006(QSKB17119): SKB17119: HotFix release for Shavlik NetChk Protect 7.8

– Added CHROME-15(Q11069665): Google Chrome 11.0.696.65

Non Security

– Added MSWU-509(Q2492386): Application Compatibility Update for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: April 2011

– Added MSWU-511(Q2511250): You cannot print a Scalable Vector Graphics (SVG) or level 3 Cascading Style Sheet (CSS3) file in Internet Explorer 9

– Added MSWU-512(Q2536411):  Office Outlook 2003 Junk Email Filter update: May 10, 2011

– Added MSWU-513(Q2536413): Office Outlook 2007 Junk Email Filter update: May 10, 2011

Revision

– Modified MS11-022(Q2464623): Added PowerPoint 2007 SP2 as an affected product.

– Modified MS11-023(Q2509488): Added Microsoft Office Compatibility Pack SP2 as an affected product.

– Modified MS11-025(Q2467173): Fixed issue with file detection on x64 systems.

– Modified MS11-029(Q2412687): Fixed an issue where patch did not show as missing on some systems running Windows 2008 x64 SP2.

Posted on by shavlikdatateam Patch and Bulletin Information

New Patch Data Available (2.0.0.98)

XML data version = 2.0.0.0098 Last modified on 4/13/2011

Security
– Added MS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212)

– Added MS11-031: Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666)

Revision

– Modified MS11-022: Added Office Web Apps as an affected product.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.90)

XML data version = 2.0.0.0090 Last modified on 4/12/2011

Security

– Added MS11-018: Cumulative Security Update for Internet Explorer (2497640)

– Added MS11-019: Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)

– Added MS11-020: Vulnerability in SMB Server Could Allow Remote Code Execution (2508429)

– Added MS11-021: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279)

– Added MS11-022: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2489283)

– Added MS11-023: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293)

– Added MS11-024: Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308)

– Added MS11-026: Vulnerability in MHTML Could Allow Information Disclosure (2503658)

– Added MS11-027: Cumulative Security Update of ActiveX Kill Bits (2508272)

– Added MS11-028: Vulnerability in .NET Framework Could Allow Remote Code Execution (2484015)

– Added MS11-029: Vulnerability in GDI+ Could Allow Remote Code Execution (2489979)

– Added MS11-030: Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553)

– Added MS11-032: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618)

– Added MS11-033: Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663)

– Added MS11-034: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)

– Added SKYPE-15(QSKY530): Skype 5.3

Non Security

– Added MSWU-503(Q2028885): Description of the cumulative update package for Communicator 2007: July 2010

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1584)

XML data version = 1.1.4.1584 Last modified on 3/8/2011

Security

– Added MS11-015: Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030).

– Added MS11-016: Vulnerability in Microsoft Groove Could Allow Remote Code Execution (2494047).

– Added MS11-017: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062).

– Added CHROME-08(Q100648127): Google Chrome 10.0.648.127.

Non Security

– Added FF11-003(QFF03615): Firefox 3.6.15.

– Added TB11-319(QTB3190): Thunderbird 3.1.9.

– Added MSWU-493(Q2508979): Description of the Office Outlook 2007 Junk Email Filter update: March 8, 2011.

– Added MSWU-494(Q2508974): Description of the Office Outlook 2003 Junk Email Filter update: March 8, 2011

Revision

– Modified MSWU-431(Q982726): Updated Outlook 2010 Junk Email Filter update: March 8, 2011.

– Modified MSRT-001(Q890830): Updated Malicious Software Removal Tool v3.17.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1540)

XML data version = 1.1.4.1540 Last modified on 2/8/2011

Security

– Added MS11-003: Cumulative Security Update for Internet Explorer (2482017)

– Added MS11-004: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)

– Added MS11-005: Vulnerability in Active Directory Could Allow Denial of Service (2478953)

– Added MS11-006: Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)

– Added MS11-007: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)

– Added MS11-008: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)

– Added MS11-009: Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)

– Added MS11-010: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)

– Added MS11-011: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)

– Added MS11-012: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)

– Added MS11-013: Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)

– Added MS11-014: Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1498)

XML data version = 1.1.4.1498 Last modified on 1/11/2010

Product

– Added support for HP System Management Homepage.

– Added support for Adobe AIR.

Security

– Added MS11-001(Q2478935): Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935).

– Added MS11-002(Q2419632): Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2419632).

– Added APSB-0823(QAIR250): AIR update available to address security vulnerabilities.

Non Security

– Added HSMH-01(HP6227): HP System Management Homepage 6.2.2.7.

– Added MSWU-473(Q2483110): Description of the Office Outlook 2007 Junk Email Filter update: January 11, 2011.

Revision

– Updated MSWU-431(Q982726):  Description of the Outlook 2010 Junk Email Filter update.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1464)

XML data version = 1.1.4.1464 Last modified on 12/14/2010

Security

– Added MS10-090: Cumulative Security Update for Internet Explorer (2416400)

– Added MS10-091: Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution (2296199)

– Added MS10-092: Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420)

– Added MS10-093: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (2424434)

– Added MS10-094: Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961)

– Added MS10-095: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2385678)

– Added MS10-096: Vulnerability in Windows Address Book Could Allow Remote Code Execution (2423089)

– Added MS10-097: Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)

– Added MS10-098: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)

– Added MS10-099: Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591)

– Added MS10-100: Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962)

– Added MS10-101: Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)

– Added MS10-102: Vulnerability in Hyper-V Could Allow Denial of Service (2345316)

– Added MS10-103: Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292970)

– Added MS10-104: Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005)

– Added MS10-105: Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)

– Added MS10-106: Vulnerability in Microsoft Exchange Server Could Allow Denial of Service (2407132)

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1418)

XML data version = 1.1.4.1418 Last modified on 11/9/2010

Security

– Added MS10-087: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930)

– Added MS10-088: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386)

Note:

Shavlik is not supporting detection and deployment of MS10-089 at this time. Currently, we are not able to deploy this patch properly. Additionally, there are manual steps required of administrators after the patch is installed to properly protect systems from the vulnerabilities that this patch fixes. We will continue to investigate supporting this patch in a detection only manner, and may update our support at a later time.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1380)

XML data version = 1.1.4.1380 Last modified on 10/12/2010

Product

– Added support for Access Runtime 2003.

Security

– Added MS10-071: Cumulative Security Update for Internet Explorer (2360131)

– Added MS10-072: Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)

– Added MS10-073: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)

– Added MS10-074: Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)

– Added MS10-075: Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)

– Added MS10-076: Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)

– Added MS10-077: Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)

– Added MS10-078: Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)

– Added MS10-079: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)

– Added MS10-080: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)

– Added MS10-081: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)

– Added MS10-082: Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)

– Added MS10-083: Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)

– Added MS10-084: Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)

– Added MS10-085: Vulnerability in SChannel Could Allow Denial of Service (2207566)

– Added MS10-086: Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)

Revision

– Modified MS10-044(Q981716): Fixed an issue where Access Runtime 2003 was being detected as Access 2003.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1334)

XML data version = 1.1.4.1334 Last modified on 9/14/2010

Product

– Added support for Opera 10.62.

– Added support for SeaMonkey 2.0.7.

Security

– Added MS10-061: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290)

– Added MS10-062: Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution (975558)

– Added MS10-063: Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2320113)

– Added MS10-064: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2315011)

– Added MS10-065: Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution (2267960)

– Added MS10-066: Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (982802)

– Added MS10-067: Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2259922)

– Added MS10-068: Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege (983539)

– Added MS10-069: Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege (2121546)

– Added OPERA-06(QOP1062): Opera 10.62.

– Added SM10-207(QSM2070): SeaMonkey 2.0.7.

Revision

– Modified MS10-040(Q982666): added IIS 6.0 for Windows Small Business Server 2003 as an affected product.

– Modified MSRT-001(Q890830): added Windows Server 2008 R2 x64 as an affected product.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1268)

XML data version = 1.1.4.1268 Last modified on 8/10/2010

Security

– Added MS10-047: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (981852)

– Added MS10-048: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329)

– Added MS10-049: Vulnerabilities in SChannel could allow Remote Code Execution (980436)

– Added MS10-050: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (981997)

– Added MS10-051: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403)

– Added MS10-052: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (2115168)

– Added MS10-053: Cumulative Security Update for Internet Explorer (2183461)

– Added MS10-054: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214)

– Added MS10-055: Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665)

– Added MS10-056: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638)

– Added MS10-057: Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707)

– Added MS10-058: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886)

– Added MS10-059: Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799)

– Added MS10-060: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)

– Added APSB-1016: Security update available for Adobe Flash Player 10.1.82.76.

– Added TB10-312: Thunderbird 3.1.2.

Revision

– Added MS10-060(Q974556): Office XP SP3.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1218)

XML data version = 1.1.4.1218 Last modified on 07/13/2010

Security

– Added MS10-042: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593)

– Added MS10-043: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)

– Added MS10-044: Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)

– Added MS10-045: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1160)

XML data version = 1.1.4.1160 Last modified on 06/8/2010

Security

– Added MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559).

– Added MS10-033: Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902).

– Added MS10-034: Cumulative Security Update of ActiveX Kill Bits (980195).

– Added MS10-035: Cumulative Security Update for Internet Explorer (982381).

– Added MS10-036: Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235).

– Added MS10-037: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218).

– Added MS10-038: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452).

– Added MS10-039: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554).

– Added MS10-040: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666).

– Added MS10-041: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343).

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (1.1.4.1120)

XML data version = 1.1.4.1120 Last modified on 05/11/2010

Security

– Added MS10-030(Q978542): Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542).

– Added MS10-031(Q978213): Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213).

– Added APSB-1012(QASW119): Security update available for Shockwave Player 11.5.7.609.

Non Security

– Added CPS40R06-W2K007(Q120724): Hotfix PSE400R06W2K007 – For Citrix Presentation Server 4.0 for Windows 2000 Server.

– Added CPS40RO6-W2K3020(Q120741): Hotfix PSE400R06W2K3020 – For Citrix Presentation Server 4.0 for Windows Server 2003.

– Added CPS40RO6-W2K3006(Q119811): Hotfix PSE400R06W2K3006 – For Citrix Presentation Server 4.0 for Windows Server 2003.

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.4.1066)

XML data version = 1.1.4.1066 Last modified on 04/13/2010

Security

MS10-019: Vulnerabilities in Windows Could Allow Remote Code Execution (981210)

MS10-020: Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232)

MS10-021: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683)

MS10-022: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)

MS10-023: Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160)

MS10-024: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832)

MS10-025: Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858)

MS10-026: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816)

MS10-027: Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402)

MS10-028: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094)

MS10-029: Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338)