Help
November 2011 Windows Updates
Nov 10 2011 05:00 AM | JudyC in Windows Updates
November's security bulletin is here: http://technet.micro...lletin/ms11-nov
CF recommends waiting a week to ten days to install updates rolled out on patch Tuesday. There have been numerous times when an update has resulted in major problems. By waiting, you have a greater assurance that any major issues have been resolved and/or an update may be pulled from release if the major issues cannot be resolved. This caveat does not apply to out-of-cycle critical security updates which should be installed as soon as they are released.
Keep in mind that you may not be offered all of these updates depending on the version of Windows on your computer and whether or not you have MS Office installed or other indicated software installed. In addition, the severity level and KB number of the update may vary based upon the same. Check the bulletin for specific information.
We only post Critical and Important security related update information here. As a general rule, you should not install any offered driver updates unless you are certain your pc manufacturer or hardware manufacturer's sites specifically state that is how updates are rolled out. "Recommended" updates should be checked out thoroughly before installing. If you do not have the issue the recommended updates are supposed to address, or do not wish to install the programs they offer, you may not need the update. In addition, if you install a recommended update without having the issue it addresses, it may cause problems.
If you have problems with any updates:
Start a free Windows Update support incident request: https://support.micr...aspx?gprid=6527
Support for Windows Update: http://support.micro...om/gp/wusupport
For home users, no-charge support is available by calling 1-866-PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary.
For more information about how to contact your local Microsoft subsidiary for support issues with security updates, visit the Microsoft International Support Web site: http://support.micro...l.aspx?rdpath=4
North American customers can also obtain instant access to unlimited no-charge e-mail support or to unlimited individual chat support by visiting the same site.
-----------------------------------
KB2588516 - Vulnerability in TCP/IP Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system.
For more information and severity rating, see this: http://technet.micro...lletin/ms11-083
-----------------------------------
KB2620704 - Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application.
For more information and severity rating, see this: http://technet.micro...lletin/ms11-085
-----------------------------------
KB2630837 - Vulnerability in Active Directory Could Allow Elevation of Privilege
This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL.
For more information and severity rating, see this: http://technet.micro...lletin/ms11-086
-----------------------------------
KB2617657 - Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an e-mail message or Instant Messenger message.
For more information and severity rating, see this: http://technet.micro...lletin/ms11-084
-----------------------------------
Remember to set a restore point on your computer before installing new Windows updates, and again, waiting a week or so to install is a good idea.
CF recommends waiting a week to ten days to install updates rolled out on patch Tuesday. There have been numerous times when an update has resulted in major problems. By waiting, you have a greater assurance that any major issues have been resolved and/or an update may be pulled from release if the major issues cannot be resolved. This caveat does not apply to out-of-cycle critical security updates which should be installed as soon as they are released.
Keep in mind that you may not be offered all of these updates depending on the version of Windows on your computer and whether or not you have MS Office installed or other indicated software installed. In addition, the severity level and KB number of the update may vary based upon the same. Check the bulletin for specific information.
We only post Critical and Important security related update information here. As a general rule, you should not install any offered driver updates unless you are certain your pc manufacturer or hardware manufacturer's sites specifically state that is how updates are rolled out. "Recommended" updates should be checked out thoroughly before installing. If you do not have the issue the recommended updates are supposed to address, or do not wish to install the programs they offer, you may not need the update. In addition, if you install a recommended update without having the issue it addresses, it may cause problems.
If you have problems with any updates:
Start a free Windows Update support incident request: https://support.micr...aspx?gprid=6527
Support for Windows Update: http://support.micro...om/gp/wusupport
For home users, no-charge support is available by calling 1-866-PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary.
For more information about how to contact your local Microsoft subsidiary for support issues with security updates, visit the Microsoft International Support Web site: http://support.micro...l.aspx?rdpath=4
North American customers can also obtain instant access to unlimited no-charge e-mail support or to unlimited individual chat support by visiting the same site.
-----------------------------------
KB2588516 - Vulnerability in TCP/IP Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system.
For more information and severity rating, see this: http://technet.micro...lletin/ms11-083
-----------------------------------
KB2620704 - Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application.
For more information and severity rating, see this: http://technet.micro...lletin/ms11-085
-----------------------------------
KB2630837 - Vulnerability in Active Directory Could Allow Elevation of Privilege
This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL.
For more information and severity rating, see this: http://technet.micro...lletin/ms11-086
-----------------------------------
KB2617657 - Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an e-mail message or Instant Messenger message.
For more information and severity rating, see this: http://technet.micro...lletin/ms11-084
-----------------------------------
Remember to set a restore point on your computer before installing new Windows updates, and again, waiting a week or so to install is a good idea.
