LANDesk Patch News Bulletin: Vulnerability Definition MS11-015 for Windows XP SP2 is Available 10-MAR-2011

Version 1

    LANDesk Security and Patch News

     

    Headlines

    • (March 10, 2011) Microsoft has released MS11-015 for Windows XP SP2. This security update resolves one publicly disclosed vulnerability in DirectShow and one privately reported vulnerability in Windows Media Player and Windows Media Center. The more severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. In all cases, a user cannot be forced to open the file; for an attack to be successful, a user must be convinced to do so. The content applies to Windows XP SP2.

     

     

    • Important note: Microsoft has discontinued general support for Windows 2000 and Windows XP SP2. Extended service contracts are available and are required to access the patches necessary to remediate these vulnerabilities. These patches are not provided by LANDesk and can only be downloaded from Microsoft with a valid extended service contract. Customers with access to the patches through their extended support contracts will need to manually copy the patches to the \patch directory on the LANDesk core server in order to perform remediation for detected vulnerabilities.

     

     

    New Vulnerabilities

    • Vulnerability ID – MS11-015_WINXPSP2

     

    Changed Vulnerabilities

    • Vulnerability ID – N/A

     

    New Patch Downloads

    • windowsxp-kb2479943-x86-custom-enu.exe

     

    Where to Send Feedback

    At LANDesk, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

     

    Best regards,

    LANDesk Product Support

     

    Copyright © 2011 LANDesk Software.  All rights reserved. LANDesk is either a registered trademark or trademark of LANDesk Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

     

    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDesk disclaims any liability with respect to this document and LANDesk has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.landesk.com.