[BigFix-Announcements-Japan] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (Japanese)'
autonotify at us.ibm.com
autonotify at us.ibm.com
Thu Nov 10 02:32:11 PST 2011
Fixlet Site - 'Patches for Windows (Japanese)'
Current Version: 448 Published: Thu, 10 Nov 2011 07:28:44 GMT
New Fixlets:
============
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Vista SP2 (Japanese)
Severity: Remote Code Execution
Fixlet ID: 1108301
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Vista SP2 (x64) (Japanese)
Severity: Remote Code Execution
Fixlet ID: 1108303
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Server 2008 SP2 (Japanese)
Severity: Remote Code Execution
Fixlet ID: 1108305
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Server 2008 SP2 (x64) (Japanese)
Severity: Remote Code Execution
Fixlet ID: 1108307
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows 7 Gold/SP1 (Japanese)
Severity: Remote Code Execution
Fixlet ID: 1108309
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows 7 Gold/SP1 (x64) (Japanese)
Severity: Remote Code Execution
Fixlet ID: 1108311
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows Server 2008 R2 Gold/SP1 (x64) (Japanese)
Severity: Remote Code Execution
Fixlet ID: 1108313
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-083
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-084: Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service - Windows 7 Gold/SP1 (Japanese)
Severity: Moderate
Fixlet ID: 1108401
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-084
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an e-mail message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-084: Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service - Windows 7 Gold/SP1 (x64) (Japanese)
Severity: Moderate
Fixlet ID: 1108403
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-084
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an e-mail message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-084: Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service - Windows Server 2008 R2 Gold/SP1 (x64) (Japanese)
Severity: Moderate
Fixlet ID: 1108405
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-084
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an e-mail message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Vista SP2 (Japanese)
Severity: Important
Fixlet ID: 1108501
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Vista SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1108503
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Server 2008 SP2 (Japanese)
Severity: Moderate
Fixlet ID: 1108505
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Server 2008 SP2 (x64) (Japanese)
Severity: Moderate
Fixlet ID: 1108507
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows 7 Gold/SP1 (Japanese)
Severity: Low
Fixlet ID: 1108509
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows 7 Gold/SP1 (x64) (Japanese)
Severity: Low
Fixlet ID: 1108511
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution - Windows Server 2008 R2 Gold/SP1 (x64) (Japanese)
Severity: Low
Fixlet ID: 1108513
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-085
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows XP SP3 (Japanese)
Severity: Important
Fixlet ID: 1108601
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows XP SP3 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1108602
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows XP SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1108603
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows XP SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1108604
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - Active Directory - Windows Server 2003 SP2 (Japanese)
Severity: Important
Fixlet ID: 1108605
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - Active Directory - Windows Server 2003 SP2 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1108606
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows Server 2003 SP2 (Japanese)
Severity: Important
Fixlet ID: 1108607
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows Server 2003 SP2 - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1108608
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - Active Directory - Windows Server 2003 SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1108609
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - Active Directory - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1108610
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows Server 2003 SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1108611
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - ADAM - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Japanese)
Severity: Important
Fixlet ID: 1108612
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Vista SP2 (Japanese)
Severity: Important
Fixlet ID: 1108613
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Vista SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1108615
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Server 2008 SP2 (Japanese)
Severity: Important
Fixlet ID: 1108617
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Server 2008 SP2 (x64) (Japanese)
Severity: Important
Fixlet ID: 1108619
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows 7 Gold/SP1 (Japanese)
Severity: Important
Fixlet ID: 1108621
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows 7 Gold/SP1 (x64) (Japanese)
Severity: Important
Fixlet ID: 1108623
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege - AD LDS - Windows Server 2008 R2 Gold/SP1 (x64) (Japanese)
Severity: Important
Fixlet ID: 1108625
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-086
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
More information about the BigFix-Announcements-Japan
mailing list