On Thursday, May 5, Microsoft released their advance notification for the patches scheduled to be released on Tuesday, May 10. There are only two patches scheduled to be released – yes just TWO. One is classified as critical and the second important.
The patch classified as critical applies only to server operating systems. The following server operating systems are included:
- Windows Server 2003 SP2 (32, 64 bit and Itanium versions)
- Windows Server 2008 SP2 (32 and 64 bit versions) *
- Windows Server 2008 R2 for 64 bit, both Base and SP1 *
*Note: The Server Core installation IS affected by this patch.
The patch classified as important applies to the following Microsoft Office products.
Microsoft Office for Windows
- Office XP SP3 – PowerPoint application
- Office 2003 SP3 – PowerPoint application
- Office 2007 SP2 – PowerPoint application
Microsoft Office for Mac
- Office 2004 for Mac
- Office 2008 for Mac
- Open XML file format converter for Mac
Other Office software
- Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 file formats Service Pack 2
So, in short, it looks like the month of May will effectively have no operating system patches for Workstations. Your mileage may vary when it comes to workstation patches for Office installations.
Update May 10 – http://www.microsoft.com/technet/security/bulletin/ms11-may.mspx
May patch details
Server patch – MS11-035 – http://www.microsoft.com/technet/security/bulletin/MS11-035.mspx
The first patch, rated as critical, only affects Windows Server installations that have WINS (Windows Internet Name Service) installed. No current Windows Server OS installs the protocol automatically. It requires manual installation.
No currently known exploits have been identified for this vulnerability. The details of this vulnerability have not been made available publicly. As of this time, Microsoft has indicated that it does not believe that exploit code will function consistently when it is made available.
Office patch – MS11-036 – http://www.microsoft.com/technet/security/bulletin/MS11-036.mspx
With the exception of Office for Mac 2011, the patch for the Office products only applies to Office versions prior to 2010.
No current exploits have been identified for this vulnerability. Microsoft has indicated that when the details of the vulnerability are made available publicly, consistent exploit code is expected to materialize. If the vulnerability is successfully exploited, the attacker could gain the same access rights and permissions as the logged-on user. For that reason, it is recommended that users always log in with the most limited access possible.
Note: The same vulnerability exists for Macintosh systems that have Office 2011 installed. Currently no patch has been released (nor a timeframe for an expected release) for addressing the vulnerability on Office for Mac 2011.
Recommendation on May patch deployment.
Due to the limited scope and vulnerabilities identified in the May 2011 patches, the AgriLife ISO is not recommending that these patches be installed on servers as soon as possible. The only exception is servers on which the Microsoft WINS protocol is installed.
Note: all indications are that the WINS protocol is required to support older legacy applications.
Similarly, no recommendation is being provided by the AgriLife ISO to install the Office patch urgently.
Additional information can be found at the following link:
May 2011 Microsoft Black Tuesday Overview – http://isc.sans.edu/diary/May+2011+Microsoft+Black+Tuesday+Overview/10855