Microsoft Security Advisory (967940): Update for Windows Autorun – Version: 2.1
Revision Note: V2.1 (February 22, 2011): Summary revised to notify users of a change in the deployment logic for updates described in this advisory. This change is intended to minimize the user interaction required to install the updates on systems configured for automatic updating.
Summary: Microsoft is announcing the availability of updates to the Autorun feature that help to restrict AutoPlay functionality to only CD and DVD media on supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. Restricting AutoPlay functionality to only CD and DVD media can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a USB flash drive, network shares, or other non-CD and non-DVD media containing a file system with an Autorun.inf file.

Microsoft Security Advisory (2491888): Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of Privilege – Version: 1.1
Revision Note: V1.1 (March 8, 2011): Revised advisory FAQ to announce updated version of the MSRT and added Forefront Security for Exchange Server to the list of non-affected software.
Summary: Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update addresses a privately reported vulnerability that could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid logon credentials has created a specially crafted registry key. An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users.

Microsoft Security Advisory (2506014): Update for the Windows Operating System Loader – Version: 1.0
Revision Note: V1.0 (April 12, 2011): Advisory published.
Summary: Microsoft is announcing the availability of an update to winload.exe to address an issue in driver signing enforcement. While this is not an issue that would require a security update, this update addresses a method by which unsigned drivers could be loaded by winload.exe. This technique is often utilized by malware to stay resident on a system after the initial infection.

Microsoft Security Advisory (973811): Extended Protection for Authentication – Version: 1.12
Revision Note: V1.12 (April 12, 2011): Updated the FAQ with information about a non-security update enabling Microsoft Outlook to opt in to Extended Protection for Authentication.
Summary: Microsoft is announcing the availability of a new feature, Extended Protection for Authentication, on the Windows platform. This feature enhances the protection and handling of credentials when authenticating network connections using Integrated Windows Authentication (IWA).

Microsoft Security Advisory (2501696): Vulnerability in MHTML Could Allow Information Disclosure – Version: 2.0
Revision Note: V2.0 (April 12, 2011): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into public reports of this vulnerability. We have issued MS11-026 to address this issue. For more information about this issue, including download links for an available security update, please review MS11-026. The vulnerability addressed is the MHTML Mime-Formatted Request Vulnerability – CVE-2011-0096.
