Microsoft Patch Tuesday Roundup - August 2011
A few interesting notes on this month's Microsoft Patch Tuesday release:
- Windows DNS servers are vulnerable to remote exploitation. However, they must implement a specific configuration.
- We've released a new plugin to detect the Remote Desktop Web Access service on Windows.
- Another five vulnerabilities in Internet Explorer have been fixed. I believe this to be one of the more critical things to patch. While Microsoft claims there are no known exploits, no one can be certain.
To further aid in your efforts to evaluate the exposures presented by the vulnerabilities addressed by Microsoft’s Patch Tuesday, Tenable's Research team has published Nessus plugins for each of the security bulletins issued this month:
- MS11-058 - Nessus Plugin ID 55788 (Credentialed Check)
- MS11-059 - Nessus Plugin ID 55789 (Credentialed Check)
- MS11-060 - Nessus Plugin ID 55790 (Credentialed Check)
- MS11-061 - Nessus Plugin ID 55791 (Credentialed Check)
- MS11-062 - Nessus Plugin ID 55792 (Credentialed Check)
- MS11-063 - Nessus Plugin ID 55793 (Credentialed Check)
- MS11-064 - Nessus Plugin ID 55794 (Credentialed Check)
- MS11-065 - Nessus Plugin ID 55795 (Credentialed Check)
- MS11-066 - Nessus Plugin ID 55796 (Credentialed Check)
- MS11-067 - Nessus Plugin ID 55797 (Credentialed Check)
- MS11-068 - Nessus Plugin ID 55798 (Credentialed Check)
- MS11-069 - Nessus Plugin ID 55799 (Credentialed Check)
Resources
Related Articles
Securing Financial Data in the Cloud: How Tenable Can Help
November 4, 2024Preventing data loss, complying with regulations, automating workflows and managing access are four key challenges facing financial institutions. Learn how Tenable can help.
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.