Windows update MS11-020 for RSA enVision
I realize that with this month's massive patch Tuesday release, the testing team at RSA is probably quite busy evaluating all of Windows patches to make sure nothing breaks as a result of installing them.
However, can we get a status update on whether we can apply MS11-020, which various security reports are saying could very well become a "wormable" exploit that doesn't require authentication or user interaction? On Microsoft’s security blog for MS11-020 they evaluate it as “Likely to see reliable exploits developed within next 30 days.”. Given that it could be exploited through the SMB ports (139,445) I'm worried about how quickly this one could move through a network via a single infected system. (http://blogs.technet.com/b/srd/archive/2011/04/12/assessing-the-risk-of-the-april-security-updates.a...).
See the following links below for more details:
For the sake of updating/closing this thread, it looks like the April 2011 Microsoft updates have been approved by RSA.
Now we get to repeat the process again in the next Patch Tuesday seven days from now .