Why MS11-100 was Out Of Band

: @orinthomas

According to the recent OOB Bulletin Q&A and Webcast, MS11-100 was pushed out because exploiting the vulnerability in a denial of service attack was relatively straightforward once details of the vulnerability were made public. MS11-100 does not address a vulnerability that could be used to directly trigger a remote code exploit. MS11-100 also fixes an elevation of privilege vulnerability and a spoofing vulnerability that were otherwise going to be address in January’s patch Tuesday.


You can catch the entirety of the webcast with Pete Voss and Jonathan Ness here at: http://blogs.technet.com/b/msrc/archive/2011/12/30/december-2011-out-of-band-bulletin-release-q-amp-a-and-webcast.aspx

Please or Register to post comments.

What's Hyperbole, Embellishment, and Systems Administration Blog?

IT pro Orin Thomas provides true tales, snafus, news, and urban legends for Microsoft Windows system administrators.

Contributors

Orin Thomas

Orin Thomas is a contributing editor for Windows IT Pro and a Windows Security MVP. He has authored or coauthored more than thirty books for Microsoft Press, founded the Melbourne System Center,...
Blog Archive

Sponsored Introduction Continue on to (or wait seconds) ×