Help
December 2011 Windows Updates
Dec 13 2011 05:00 AM | JudyC in Windows Updates
December's Security Bulletin is here: http://technet.micro...lletin/ms11-dec
CF recommends waiting a week to ten days to install updates rolled out on patch Tuesday. There have been numerous times when an update has resulted in major problems. By waiting, you have a greater assurance that any major issues have been resolved and/or an update may be pulled from release if the major issues cannot be resolved. This caveat does not apply to out-of-cycle critical security updates which should be installed as soon as they are released.
Keep in mind that you may not be offered all of these updates depending on the version of Windows on your computer and whether or not you have MS Office installed or other indicated software installed. In addition, the severity level and KB number of the update may vary based upon the same. Check the bulletin for specific information.
We only post Critical and Important security related update information here. As a general rule, you should not install any offered driver updates unless you are certain your pc manufacturer or hardware manufacturer's sites specifically state that is how updates are rolled out. "Recommended" updates should be checked out thoroughly before installing. If you do not have the issue the recommended updates are supposed to address, or do not wish to install the programs they offer, you may not need the update. In addition, if you install a recommended update without having the issue it addresses, it may cause problems.
If you have problems with any updates:
Start a free Windows Update support incident request: https://support.micr...aspx?gprid=6527
Support for Windows Update: http://support.micro...om/gp/wusupport
For home users, no-charge support is available by calling 1-866-PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary.
For more information about how to contact your local Microsoft subsidiary for support issues with security updates, visit the Microsoft International Support Web site: http://support.micro...l.aspx?rdpath=4
North American customers can also obtain instant access to unlimited no-charge e-mail support or to unlimited individual chat support by visiting the same site.
-----------------------------------
KB2639417 - Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits a malicious Web page that embeds TrueType font files.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-087
-----------------------------------
KB2618451 - Cumulative Security Update of ActiveX Kill Bits
This security update resolves a privately reported vulnerability in Microsoft software. The vulnerability could allow remote code execution if a user views a specially crafted Web page that uses a specific binary behavior in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes kill bits for four third-party ActiveX controls.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-090
-----------------------------------
KB2648048 - Vulnerability in Windows Media Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Windows Media Player and Windows Media Center. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. In all cases, a user cannot be forced to open the file; for an attack to be successful, a user must be convinced to do so.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-092
-----------------------------------
KB2652016 - Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege
This security update resolves a privately reported vulnerability in Microsoft Office IME (Chinese). The vulnerability could allow elevation of privilege if a logged-on user performed specific actions on a system where an affected version of the Microsoft Pinyin (MSPY) Input Method Editor (IME) for Simplified Chinese is installed. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. Only implementations of Microsoft Pinyin IME 2010 are affected by this vulnerability. Other versions of Simplified Chinese IME and other implementations of IME are not affected.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-088
-----------------------------------
KB2590602 - Vulnerability in Microsoft Office Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-089
-----------------------------------
KB2607702 - Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution
This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
See this page for more information and severity rating: http://technet.micro...letin/ms11-091/
-----------------------------------
KB2624667 - Vulnerability in OLE Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability.
The vulnerability could allow remote code execution if a user opens a file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-093
-----------------------------------
KB2639142 - Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution
This security update resolves two privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited either of the vulnerabilities could take complete control of an affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-094
-----------------------------------
KB2640045 - Vulnerability in Active Directory Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow remote code execution if an attacker logs on to an Active Directory domain and runs a specially crafted application. To exploit this vulnerability, an attacker would first need to acquire credentials to log on to an Active Directory domain.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-095
-----------------------------------
KB2640241 - Vulnerability in Microsoft Excel Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-3403.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-096
-----------------------------------
KB2620712 - Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to send a device event message to a higher-integrity process. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-097
-----------------------------------
KB2633171 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to exploit the vulnerability. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-098
-----------------------------------
KB2618444 - Cumulative Security Update for Internet Explorer
This security update resolves three privately reported vulnerabilities in Internet Explorer. The most severe vulnerability could allow remote code execution if a user opens a legitimate HyperText Markup Language (HTML) file that is located in the same directory as a specially crafted dynamic link library (DLL) file.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-099
-----------------------------------
Remember to set a restore point on your computer before installing new Windows updates, and again, waiting a week or so to install is a good idea.
CF recommends waiting a week to ten days to install updates rolled out on patch Tuesday. There have been numerous times when an update has resulted in major problems. By waiting, you have a greater assurance that any major issues have been resolved and/or an update may be pulled from release if the major issues cannot be resolved. This caveat does not apply to out-of-cycle critical security updates which should be installed as soon as they are released.
Keep in mind that you may not be offered all of these updates depending on the version of Windows on your computer and whether or not you have MS Office installed or other indicated software installed. In addition, the severity level and KB number of the update may vary based upon the same. Check the bulletin for specific information.
We only post Critical and Important security related update information here. As a general rule, you should not install any offered driver updates unless you are certain your pc manufacturer or hardware manufacturer's sites specifically state that is how updates are rolled out. "Recommended" updates should be checked out thoroughly before installing. If you do not have the issue the recommended updates are supposed to address, or do not wish to install the programs they offer, you may not need the update. In addition, if you install a recommended update without having the issue it addresses, it may cause problems.
If you have problems with any updates:
Start a free Windows Update support incident request: https://support.micr...aspx?gprid=6527
Support for Windows Update: http://support.micro...om/gp/wusupport
For home users, no-charge support is available by calling 1-866-PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary.
For more information about how to contact your local Microsoft subsidiary for support issues with security updates, visit the Microsoft International Support Web site: http://support.micro...l.aspx?rdpath=4
North American customers can also obtain instant access to unlimited no-charge e-mail support or to unlimited individual chat support by visiting the same site.
-----------------------------------
KB2639417 - Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits a malicious Web page that embeds TrueType font files.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-087
-----------------------------------
KB2618451 - Cumulative Security Update of ActiveX Kill Bits
This security update resolves a privately reported vulnerability in Microsoft software. The vulnerability could allow remote code execution if a user views a specially crafted Web page that uses a specific binary behavior in Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes kill bits for four third-party ActiveX controls.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-090
-----------------------------------
KB2648048 - Vulnerability in Windows Media Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Windows Media Player and Windows Media Center. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. In all cases, a user cannot be forced to open the file; for an attack to be successful, a user must be convinced to do so.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-092
-----------------------------------
KB2652016 - Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege
This security update resolves a privately reported vulnerability in Microsoft Office IME (Chinese). The vulnerability could allow elevation of privilege if a logged-on user performed specific actions on a system where an affected version of the Microsoft Pinyin (MSPY) Input Method Editor (IME) for Simplified Chinese is installed. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. Only implementations of Microsoft Pinyin IME 2010 are affected by this vulnerability. Other versions of Simplified Chinese IME and other implementations of IME are not affected.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-088
-----------------------------------
KB2590602 - Vulnerability in Microsoft Office Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-089
-----------------------------------
KB2607702 - Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution
This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
See this page for more information and severity rating: http://technet.micro...letin/ms11-091/
-----------------------------------
KB2624667 - Vulnerability in OLE Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability.
The vulnerability could allow remote code execution if a user opens a file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-093
-----------------------------------
KB2639142 - Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution
This security update resolves two privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited either of the vulnerabilities could take complete control of an affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-094
-----------------------------------
KB2640045 - Vulnerability in Active Directory Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow remote code execution if an attacker logs on to an Active Directory domain and runs a specially crafted application. To exploit this vulnerability, an attacker would first need to acquire credentials to log on to an Active Directory domain.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-095
-----------------------------------
KB2640241 - Vulnerability in Microsoft Excel Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-3403.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-096
-----------------------------------
KB2620712 - Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to send a device event message to a higher-integrity process. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-097
-----------------------------------
KB2633171 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to exploit the vulnerability. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-098
-----------------------------------
KB2618444 - Cumulative Security Update for Internet Explorer
This security update resolves three privately reported vulnerabilities in Internet Explorer. The most severe vulnerability could allow remote code execution if a user opens a legitimate HyperText Markup Language (HTML) file that is located in the same directory as a specially crafted dynamic link library (DLL) file.
See this page for more information and severity rating: http://technet.micro...lletin/ms11-099
-----------------------------------
Remember to set a restore point on your computer before installing new Windows updates, and again, waiting a week or so to install is a good idea.
