Microsoft today released two security bulletins addressing three vulnerabilities in Windows Server and Microsoft Office. Of the two bulletins, only one is a top priority update rated Critical by Microsoft that should be deployed as soon as possible.
Two of the vulnerabilities are addressed by a single bulletin, MS11-036. Both are related to Microsoft PowerPoint. The bulletin itself carries an Important rating with a possibility of remote code execution if a user opens a specially crafted malicious PowerPoint file.
The top priority update, MS11-035, is related to the Windows Internet Name Server service (WINS). WINS is not installed by default on any Windows Server operation system however the vulnerability could allow for “remote code execution if a user received specially crafted malware on an affected system running the WINS service.”
As always, the updates will be available via Windows Update and the Microsoft Download Center. Further details about the bulletins are available in the Microsoft Security Bulletin Summary for May 2011.