MS11-049: Vulnerability in the Microsoft XML Editor could allow information disclosure: June 14, 2011

Article translations Article translations
Article ID: 2543893 - View products that this article applies to.
Expand all | Collapse all

On This Page

Introduction

Microsoft has released security bulletin MS11-049. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More information about this security update

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.
  • 2251489 MS11-049: Description of the security update for Visual Studio 2010: June 14, 2011
  • 2251487 MS11-049: Description of the security update for Visual Studio 2008 SP1: June 14, 2011
  • 2251481 MS11-049: Description of the security update for Visual Studio 2005 SP1: June 14, 2011

    The following are the known issues in security update 2251481. For more information about these known issues, see security update 2251481. 
    • If you run Visual Studio Premier Partner Edition (PPE), this security update will be listed in the Programs and Features item in Control Panel as follows:
      Security Update for Microsoft Visual Studio 2005 Team Suite – RUS (KB2251481)
    • When you install this security update on a computer that does not have Visual Studio 2005 installed, you receive a message that states that the update is not applicable.
    • When you try to install this security update (which was re-released August 9, 2011) by using Microsoft Update, you may receive an error code "66a."
  • 2494094 MS11-049: Description of the security update for SQL Server 2008 Service Pack 2 QFE: June 14, 2011

    The following is the known issue in security update 2494094. For more information about this known issue, see security update 2494094.
    • It may be possible to install this SQL Server 2008-based security update on a SQL Server 2005-based system where SQL Server 2008 is not installed.
  • 2494089 MS11-049: Description of the security update for SQL Server 2008 Service Pack 2 GDR: June 14, 2011

    The following is the known issue in security update 2494089. For more information about this known issue, see security update 2494089.
    • It may be possible to install this SQL Server 2008-based security update on a SQL Server 2005-based system where SQL Server 2008 is not installed.
  • 2494100 MS11-049: Description of the security update for SQL Server 2008 Service Pack 1 QFE: June 14, 2011

    The following is the known issue in security update 2494100. For more information about this known issue, see security update 2494100.
    • It may be possible to install this SQL Server 2008-based security update on a SQL Server 2005-based system where SQL Server 2008 is not installed.
  • 2494096 MS11-049: Description of the security update for SQL Server 2008 Service Pack 1 GDR: June 14, 2011

    The following is the known issue in security update 2494096. For more information about this known issue see security update 2494096.
    • It may be possible to install this SQL Server 2008-based security update on a SQL Server 2005-based system where SQL Server 2008 is not installed.
  • 2494086 MS11-049: Description of the security update for SQL Server 2008 R2 QFE: June 14, 2011

    The following are the known issues in security update 2494086. For more information about these known issues, see security update 2494086.
    • When you use the /? switch or the /Help switch with this security update package, you receive an error message.
    • After you install this security update, the Add or Remove Programs entries for this security update do not have "Security Update" in the title of the security update.
    • After you install this security update, the installation wizard shows the security update as an "Update Program" instead of as a "Security Update."
  • 2494088 MS11-049: Description of the security update for SQL Server 2008 R2 GDR: June 14, 2011

    The following are the known issues in security update 2494088. For more information about these known issues, see security update 2494088.
    • When you use the /? switch or the /Help switch with this security update package, you receive an error message.
    • After you install this security update, the Add or Remove Programs entries for this security update do not have "Security Update" in the title of the security update.
    • After you install this security update, the installation wizard shows the security update as an "Update Program" instead of as a "Security Update."
  • 2494123 MS11-049: Description of the security update for SQL Server 2005 Service Pack 4 QFE: June 14, 2011
  • 2494120 MS11-049: Description of the security update for SQL Server 2005 Service Pack 4 GDR: June 14, 2011
  • 2494112 MS11-049: Description of the security update for SQL Server 2005 Service Pack 3 QFE: June 14, 2011
  • 2494113 MS11-049: Description of the security update for SQL Server 2005 Service Pack 3 GDR: June 14, 2011
  • 2546869 MS11-049: Description of the security update for SQL Server 2005 Management Studio Express: June 14, 2011

    The following is the known issue in security update 2546869. For more information about this known issue, see security update 2546869.
    • When you try to manually install security updates for SQL Server Management Studio Express Edition (SSMSEE) by using the SSMSEE packages that are associated with this security update, the installer only extracts the files. The installation does not start. Instead, a Help menu is displayed. This issue does not occur when you use Windows Update or Microsoft Update.
  • 2510065 MS11-049: Description of the security update for InfoPath 2010: June 14, 2011
  • 2510061 MS11-049: Description of the security update for InfoPath 2007: June 14, 2011

Security update replacement information

This security update does not replace a previously released security update.

APPLIES TO

In addition to the products that are listed in the "Applies to" section, this issue also affects the following products:
  • SQL Server 2008 Management Studio Express
  • SQL Server 2008 R2 Management Studio Express

Properties

Article ID: 2543893 - Last Review: May 8, 2012 - Revision: 5.0
APPLIES TO
  • Microsoft Visual Studio 2010 Premium
  • Microsoft Visual Studio 2010 Professional
  • Microsoft Visual Studio 2010 Ultimate
  • Microsoft Visual Studio 2008 Service Pack 1, when used with:
    • Microsoft Visual Studio 2008 Professional Edition
    • Microsoft Visual Studio 2008 Standard Edition
  • Microsoft Visual Studio 2005 Professional Edition
  • Microsoft Visual Studio 2005 Standard Edition
  • Microsoft Visual Studio 2005 Team Suite
  • Microsoft SQL Server 2008 Service Pack 2, when used with:
    • Microsoft SQL Server 2008 Analysis Services
    • Microsoft SQL Server 2008 Developer
    • Microsoft SQL Server 2008 Enterprise
    • Microsoft SQL Server 2008 Express
    • Microsoft SQL Server 2008 Express with Advanced Services
    • Microsoft SQL Server 2008 Standard
    • Microsoft SQL Server 2008 Standard Edition for Small Business
    • Microsoft SQL Server 2008 Web
    • Microsoft SQL Server 2008 Workgroup
  • Microsoft SQL Server 2008 Service Pack 1, when used with:
    • Microsoft SQL Server 2008 Analysis Services
    • Microsoft SQL Server 2008 Developer
    • Microsoft SQL Server 2008 Enterprise
    • Microsoft SQL Server 2008 Express
    • Microsoft SQL Server 2008 Express with Advanced Services
    • Microsoft SQL Server 2008 Standard
    • Microsoft SQL Server 2008 Standard Edition for Small Business
    • Microsoft SQL Server 2008 Web
    • Microsoft SQL Server 2008 Workgroup
  • Microsoft SQL Server 2008 R2 Analysis Services
  • Microsoft SQL Server 2008 R2 Datacenter
  • Microsoft SQL Server 2008 R2 Developer
  • Microsoft SQL Server 2008 R2 Enterprise
  • Microsoft SQL Server 2008 R2 Express
  • Microsoft SQL Server 2008 R2 Express with Advanced Services
  • Microsoft SQL Server 2008 R2 Standard
  • Microsoft SQL Server 2008 R2 Standard Edition for Small Business
  • Microsoft SQL Server 2008 R2 Web
  • Microsoft SQL Server 2008 R2 Workgroup
  • Microsoft SQL Server 2005 Service Pack 4, when used with:
    • Microsoft SQL Server 2005 Developer Edition
    • Microsoft SQL Server 2005 Enterprise Edition
    • Microsoft SQL Server 2005 Enterprise Edition for Itanium-based Systems
    • Microsoft SQL Server 2005 Enterprise X64 Edition
    • Microsoft SQL Server 2005 Express Edition
    • Microsoft SQL Server 2005 Express Edition with Advanced Services
    • Microsoft SQL Server 2005 Standard Edition
    • Microsoft SQL Server 2005 Standard Edition for Itanium-based Systems
    • Microsoft SQL Server 2005 Standard X64 Edition
    • Microsoft SQL Server 2005 Workgroup Edition
  • Microsoft SQL Server 2005 Service Pack 3, when used with:
    • Microsoft SQL Server 2005 Developer Edition
    • Microsoft SQL Server 2005 Enterprise Edition
    • Microsoft SQL Server 2005 Enterprise Edition for Itanium-based Systems
    • Microsoft SQL Server 2005 Enterprise X64 Edition
    • Microsoft SQL Server 2005 Express Edition
    • Microsoft SQL Server 2005 Express Edition with Advanced Services
    • Microsoft SQL Server 2005 Standard Edition
    • Microsoft SQL Server 2005 Standard X64 Edition
    • Microsoft SQL Server 2005 Workgroup Edition
  • Microsoft Infopath 2010
  • Microsoft Office InfoPath 2007
Keywords: 
kbsecvulnerability kbsecurity kbsecbulletin kbfix kbexpertiseinter kbbug atdownload KB2543893

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com