Cisco Event Response: Microsoft Security Bulletin Release for November 2011

November 8, 2011

Microsoft published its monthly security bulletin release on November 8, 2011. Four total bulletins were released that address four individual vulnerabilities. The bulletins address vulnerabilities in Microsoft Windows operating systems and components. The vulnerabilities could allow an attacker to cause a denial of service condition, bypass security restrictions, or execute arbitrary code on a targeted system.

Cisco Security
Intelligence Operations

Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:

Microsoft Security Bulletin	Cisco IntelliShield Alert	CVE ID	Cisco Mitigations	CVSS Base Score
Microsoft Security Bulletin MS11-083 Vulnerability in TCP/IP Could Allow Remote Code Execution	Microsoft Windows UDP Packet Processing Integer Overflow Arbitrary Code Execution Vulnerability	CVE-2011-2013	Cisco IPS Signature 4002/0	10.0
Microsoft Security Bulletin MS11-084 Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service	Microsoft Windows Kernel TrueType Font Processing Denial of Service Vulnerability	CVE-2011-2004	–	7.1
Microsoft Security Bulletin MS11-085 Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution	Vulnerability in Windows Mail Could Allow Remote Code Execution	CVE-2011-2016	Cisco IPS Signature 40126/0, Cisco IOS tACL, Cisco IOS NetFlow, Cisco ASA/FWSM, Cisco ACE	9.3
Microsoft Security Bulletin MS11-086 Vulnerability in Active Directory Could Allow Elevation of Privilege	Microsoft Windows Active Directory Lightweight Directory Access Protocol Authentication Bypass Vulnerability	CVE-2011-2014	–	6.8

Cisco Security Intelligence Operations

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco IOS access control lists; Cisco Intrusion Prevention System (IPS) signatures; Cisco IOS NetFlow; Cisco ACE Application Control Engine; and firewall inspection, normalization, and access control lists are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for November 2011

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for using Microsoft security updates on products deployed on a retail installation of Windows operating system for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.