With the release of the security bulletins for January 2011, this bulletin summary replaces the bulletin advance notification originally issued January 6, 2011. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.

Microsoft is hosting a webcast to address customer questions on these bulletins on January 12, 2011, at 11:00 AM Pacific Time (US & Canada). Register now for the January Security Bulletin Webcast. After this date, this webcast is available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcasts.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of decreasing exploitability assessment level then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

How do I use this table?

Use this table to learn about the likelihood of functioning exploit code being released within 30 days of security bulletin release, for each of the security updates that you may need to install. You should review each of the assessments below, in accordance with your specific configuration, in order to prioritize your deployment. For more information about what these ratings mean, and how they are determined, please see Microsoft Exploitability Index.

Bulletin ID Vulnerability Title CVE ID Exploitability Index Assessment Key Notes
MS11-001 Backup Manager Insecure Library Loading Vulnerability CVE-2010-3145 1 – Consistent exploit code likely This vulnerability has been disclosed publicly
MS11-002 DSN Overflow Vulnerability CVE-2011-0026 1 – Consistent exploit code likely (None)
MS11-002 ADO Record Memory Vulnerability CVE-2011-0027 1 – Consistent exploit code likely (None)

Post By Gishore J Kallarackal (2,121 Posts)

Gishore J Kallarackal is the founder of techgurulive. The purpose of this site is to share information about free resources that techies can use for reference. You can follow me on the social web, subscribe to the RSS Feed or sign up for the email newsletter for your daily dose of tech tips & tutorials. You can content me via @twitter or e-mail.

Website: → Techgurulive