Microsoft has released three bulletins to fix four vulnerabilities in this month’s Patch Tuesday. Out of four vulnerabilities One is rated as “Critical” and rest are rated as “Important” , the critical vulnerability is found in Windows Media Player and Media Center. The remaining issues are affecting DirectShow, Remote Desktop Client and Microsoft Office Groove.
- Download Windows XP Service Pack 3
- Download Windows Vista Service pack 2
- Download Windows 7 / Server 2008 R2 Service Pack RC1
MS11-015, KB25100300 – Rated – Critical – This vulnerability affects DirectShow, Windows Media Center and Windows Media Player. This is a remote code execution vulnerability which can be exploited if user clicks a specially crafted media file. This patch is advised to be applied immediately.
Affects :- Windows XP, Windows 7, Windows Vista
MS11-016, KB2494047 – Rated – Important – This vulnerability affects Microsoft Groove Library Loading module. This is also a remote code execution vulnerability which can be exploited if you open a malformed attack DLL on a shared drive.
Affects :- Microsoft Groove 2007
MS11-017, KB2508062 – Rated – Important – This vulnerability is again and remote code execution exploit. This vulnerability affects Remote Desktop Client and can be exploited by putting and EDP file in same location as a bad DLL file.
Affects :- Windows XP, Vista, 2003, 2008, 2008 R2