[Bigfix-announcements-french] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (French)'
autonotify at us.ibm.com
autonotify at us.ibm.com
Wed Nov 9 05:02:09 PST 2011
Fixlet Site - 'Patches for Windows (French)'
Current Version: 409 Published: Wed, 09 Nov 2011 11:53:44 GMT
New Fixlets:
============
***************************************************************
Title: UPDATE: SQL Server 2008 R2 Service Pack 1 Available (French)
Severity: <Unspecified>
Fixlet ID: 73004
Fixlet Link: http://social.technet.microsoft.com/wiki/contents/articles/microsoft-sql-server-2008-r2-sp1-release-notes.aspx
Fixlet Description: Microsoft has released SQL Server 2008 R2 Service Pack 1. SQL Server 2008 R2 Service Pack 1 is primarily a Roll-up of Cumulative Update 1 to 6, Quick Fix Engineering (QFE) updates, and fixes to issues reported through the SQL Server community. Several new features have also been added: Dynamic Management Views for increased supportability ForceSeek for improved querying performance Data-tier Application Component Framework (DAC Fx) for improved database upgrades Disk space control for PowerPivot
Important Note: SQL Server instances operating in a non-Microsoft cluster environment should be upgraded using the CLUSTERPASSIVE option. Please use the second action below to upgrade in these environments.
***************************************************************
Title: MS11-074: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege - SharePoint Server 2010 Gold/SP1 (pplwfe) (x64) (French)
Severity: Important
Fixlet ID: 1107457
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-074
Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 helps to block the attacks in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9, however, is not enabled by default in the Intranet Zone. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS11-078: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution - Microsoft Silverlight 4 (French)
Severity: Critical
Fixlet ID: 1107829
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-078
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS11-078: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution - Microsoft Silverlight 4 for Developers (French)
Severity: Critical
Fixlet ID: 1107831
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-078
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Vista SP2 (French)
Severity: Remote Code Execution
Fixlet ID: 1108301
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Vista SP2 (x64) (French)
Severity: Remote Code Execution
Fixlet ID: 1108303
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Server 2008 SP2 (French)
Severity: Remote Code Execution
Fixlet ID: 1108305
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Server 2008 SP2 (x64) (French)
Severity: Remote Code Execution
Fixlet ID: 1108307
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows 7 Gold/SP1 (French)
Severity: Remote Code Execution
Fixlet ID: 1108309
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows 7 Gold/SP1 (x64) (French)
Severity: Remote Code Execution
Fixlet ID: 1108311
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Server 2008 R2 Gold/SP1 (x64) (French)
Severity: Remote Code Execution
Fixlet ID: 1108313
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-084: Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service - Windows 7 Gold/SP1 (French)
Severity: Moderate
Fixlet ID: 1108401
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-084
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an e-mail message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-084: Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service - Windows 7 Gold/SP1 (x64) (French)
Severity: Moderate
Fixlet ID: 1108403
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-084
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an e-mail message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-084: Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service - Windows Server 2008 R2 Gold/SP1 (x64) (French)
Severity: Moderate
Fixlet ID: 1108405
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-084
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an e-mail message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Vista SP2 (French)
Severity: Important
Fixlet ID: 1108501
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Vista SP2 (x64) (French)
Severity: Important
Fixlet ID: 1108503
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Server 2008 SP2 (French)
Severity: Moderate
Fixlet ID: 1108505
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Server 2008 SP2 (x64) (French)
Severity: Moderate
Fixlet ID: 1108507
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows 7 Gold/SP1 (French)
Severity: Low
Fixlet ID: 1108509
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows 7 Gold/SP1 (x64) (French)
Severity: Low
Fixlet ID: 1108511
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Server 2008 R2 Gold/SP1 (x64) (French)
Severity: Low
Fixlet ID: 1108513
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows XP SP3 (French)
Severity: Important
Fixlet ID: 1108601
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows XP SP3 - CORRUPT PATCH (French)
Severity: Important
Fixlet ID: 1108602
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - Active Directory - Windows Server 2003 SP2 (French)
Severity: Important
Fixlet ID: 1108605
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - Active Directory - Windows Server 2003 SP2 - CORRUPT PATCH (French)
Severity: Important
Fixlet ID: 1108606
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows Server 2003 SP2 (French)
Severity: Important
Fixlet ID: 1108607
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows Server 2003 SP2 - CORRUPT PATCH (French)
Severity: Important
Fixlet ID: 1108608
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - Active Directory - Windows Server 2003 SP2 (x64) (French)
Severity: Important
Fixlet ID: 1108609
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - Active Directory - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (French)
Severity: Important
Fixlet ID: 1108610
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows Server 2003 SP2 (x64) (French)
Severity: Important
Fixlet ID: 1108611
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (French)
Severity: Important
Fixlet ID: 1108612
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Vista SP2 (French)
Severity: Important
Fixlet ID: 1108613
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Vista SP2 (x64) (French)
Severity: Important
Fixlet ID: 1108615
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Server 2008 SP2 (French)
Severity: Important
Fixlet ID: 1108617
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Server 2008 SP2 (x64) (French)
Severity: Important
Fixlet ID: 1108619
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows 7 Gold/SP1 (French)
Severity: Important
Fixlet ID: 1108621
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows 7 Gold/SP1 (x64) (French)
Severity: Important
Fixlet ID: 1108623
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Server 2008 R2 Gold/SP1 (x64) (French)
Severity: Important
Fixlet ID: 1108625
Fixlet Link: http://technet.microsoft.com/FR-FR/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: UPDATE: SQL Server 2008 Service Pack 3 Available (French)
Severity: <Unspecified>
Fixlet ID: 228506802
Fixlet Link: http://social.technet.microsoft.com/wiki/contents/articles/microsoft-sql-server-2008-sp3-release-notes.aspx
Fixlet Description: Microsoft SQL Server 2008 Service Pack 3 (SP3) is now available for download. A few key enhancements for customers in Microsoft SQL Server 2008 Service Pack 3 are: Enhanced upgrade experience from previous versions of SQL Server to SQL Server 2008 SP3; In SQL Server Integration Services logs will now show the total number of rows sent in Data Flows; Enhanced warning messages when creating the maintenance plan if the Shrink Database option is enabled. SQL Server 2008 SP3 contains the cumulative updates of SQL Server 2008 SP2 cumulative update package 1 to 4, and fixes to issues that have been reported through our customer feedback platforms. These include supportability enhancements and issues that have been reported through Windows Error Reporting.
Important Note: SQL Server instances operating in a non-Microsoft cluster environment should be upgraded using the CLUSTERPASSIVE option. Please use the second action below to upgrade in these environments.
More information about the BigFix-Announcements-French
mailing list