Microsoft has released two critical updates:
MS11-057 (Internet Explorer). This security update resolves five privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. Microsoft is not aware of any attacks leveraging the vulnerabilities addressed in this bulletin.
http://www.microsoft.com/technet/security/Bulletin/MS11-058.mspx
MS11-058 (DNS Server). This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a specially crafted Naming Authority Pointer (NAPTR) query to a DNS server. Servers that do not have the DNS role enabled are not at risk.
http://www.microsoft.com/technet/security/Bulletin/MS11-057.mspx
Users should install these updates as soon as possible.
Leave a reply