Microsoft Patches 34 Vulnerabilities

Microsoft released 16 bulletins addressing 34 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET, SQL, Visual Studio, Silverlight, VML and ISA. Nine of the bulletins are rated Critical, with seven rated as Important.

Wolfgang Kandek, Qualys CTO, comments: "The only bulletin with a known expoit in the wild is MS11-046, a local privilege escalation flaw in the "afd.sys" driver. IT admins can check with their end-point security providers for coverage, but should include this bulletin high on their to-do lists in any case, as it is only a matter of time until we see more attackers use malware taking advantage of this exploit to gain control of your workstations."

The Bulletins Cover The Following

• Vulnerability in OLE Automation
  
  
• Vulnerability in .NET Framework and Microsoft Silverlight
  
  
• Vulnerability in Threat Management Gateway Firewall Client
  
  
• Vulnerability in Windows Kernel-Mode Drivers
  
  
• Vulnerabilities in Distributed File System
  
  
• Vulnerability in SMB Client
  
  
• Vulnerability in .NET Framework
  
  
• Cumulative Security Update for Internet Explorer
  
  
• Vulnerability in Vector Markup Language
  
  
• Vulnerability in MHTML
  
  
• Vulnerabilities in Microsoft Excel
  
  
• Vulnerability in Ancillary Function Driver
  
  
• Vulnerability in Hyper-V Could
  
  
• Vulnerability in SMB Server
  
  
• Vulnerability in the Microsoft XML Editor
  
  
• Vulnerability in Active Directory Certificate Services Web Enrollment