Sicherheitsupdates im Januar 2011

Im Januar gibt es nicht so arg viele Sicherheitsupdates. Beachten sollte man die trotzdem:




Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910)
This security update resolves two privately reported vulnerabilities in Microsoft Data Access Components. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Remote Code Execution

May require restart



Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935)
This security update resolves a publicly disclosed vulnerability in Windows Backup Manager. The vulnerability could allow remote code execution if a user opens a legitimate Windows Backup Manager file that is located in the same network directory as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open the legitimate file from that location, which in turn could cause Windows Backup Manager to load the specially crafted library file.

Remote Code Execution


Die Hinweise sind aus dem Sicherheitsbulletin vom Januar, das Orginal findet ihr hier:


Interessant ist evtl. auch dieser hier von kurz vor Weihnachten:

Happy Patching


Viele Grüße


Walter Steinsdorfer

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>