A few interesting notes on this month's Microsoft Patch Tuesday release:
- Windows DNS servers are vulnerable to remote exploitation. However, they must implement a specific configuration.
- We've released a new plugin to detect the Remote Desktop Web Access service on Windows.
- Another five vulnerabilities in Internet Explorer have been fixed. I believe this to be one of the more critical things to patch. While Microsoft claims there are no known exploits, no one can be certain.
To further aid in your efforts to evaluate the exposures presented by the vulnerabilities addressed by Microsoft’s Patch Tuesday, Tenable's Research team has published Nessus plugins for each of the security bulletins issued this month:
- MS11-058 - Nessus Plugin ID 55788 (Credentialed Check)
- MS11-059 - Nessus Plugin ID 55789 (Credentialed Check)
- MS11-060 - Nessus Plugin ID 55790 (Credentialed Check)
- MS11-061 - Nessus Plugin ID 55791 (Credentialed Check)
- MS11-062 - Nessus Plugin ID 55792 (Credentialed Check)
- MS11-063 - Nessus Plugin ID 55793 (Credentialed Check)
- MS11-064 - Nessus Plugin ID 55794 (Credentialed Check)
- MS11-065 - Nessus Plugin ID 55795 (Credentialed Check)
- MS11-066 - Nessus Plugin ID 55796 (Credentialed Check)
- MS11-067 - Nessus Plugin ID 55797 (Credentialed Check)
- MS11-068 - Nessus Plugin ID 55798 (Credentialed Check)
- MS11-069 - Nessus Plugin ID 55799 (Credentialed Check)
- Microsoft Security Bulletin Summary for August 2011
- OSVDB Microsoft Bulletins - Complete Reference
- A live BlueHat Prize webcast and the August 2011 security updates (Microsoft Security Response Center Blog)