November 2011 Patch Tuesday Overview

Microsoft has released four new security bulletins for this edition of Patch Tuesday.  These four security bulletins address four vulnerabilities.

The first bulletin administrators should address is MS11-083.  This bulletin addresses one vulnerability in Windows TCP/IP.  If an attacker sends a stream of malicious User Datagram Protocol (UDP) network packets to an unpatched machine, the attacker could gain control over the affected system.  With this type of an attack scenario, alarms could be raised about the potential of a vulnerability that is used in a worm.  However, there are a few items that will make it difficult for an attacker to use this exploit in a worm.  First, the network port attacked on the target machine must be closed.  Second, a normal UDP packet streamed to a vulnerable machine will not allow the attacker to gain access to the system.  The UDP packet must be “specially” crafted.  An attacker will need to figure out the type of packet to send to a vulnerable machine.  Finally, this vulnerability was privately disclosed to Microsoft so there is no known code out in the wild at this time and Microsoft has not received any reports of attacks against this vulnerability.

On the non-Microsoft front, a couple of vendors will be a part of this Patch Tuesday.  Adobe released a new security bulletin for their Shockwave player today.  This security bulletin addresses four vulnerabilities and is rated as Critical.  Mozilla is planning to release new versions to the Firefox, Thunderbird and SeaMonkey product families.

Patch Tuesday is no longer just about Microsoft releasing new security bulletins.  Many other vendors can sneak in with their own security releases that can be just as or more important than Microsoft releases.  Given the history of non-Microsoft vendors releasing on Patch Tuesday, administrators should plan for the unexpected during the monthly patch maintenance window.

I will be reviewing the November 2011 in depth during my monthly Patch Tuesday webinar tomorrow at 11am CDT. You can register to attend the live webinar here.

– Jason Miller

VMware vCenter Protect Essentials Plus available for download

It is patch week once again, but before the patch announcements and Patch Tuesday webinar start to fill your week I wanted to let you know what a couple hundred of our customers have already found out.  VMware vCenter Protect Essentials Plus 8.0 (formerly Shavlik NetChk Protect) is now available.  For those of you who have not seen the new features of the latest release they are focused on making day to day IT Management easier.

Check out the ITScripts feature and integration with RDP which provide some handy and quick solutions for any IT Administrator. From the machine view or scan view you could make a selection of machines and check the last boot time of machines to see if they have rebooted after patch deployment. Also right click and RDP into machines and have vCenter Protect Essentials Plus provide the credential for you. Those and many more handy scripts are available with a few clicks.

Next, the credentials management enhancements make updating passwords and setting credentials a breeze.

Also, for those of you who share a console between multiple admins, this release also supports multiple admin access on the same console.   So by upgrading to vCenter Protect Essentials Plus, as you prep for Patch Tuesday you will no longer have to coordinate time on the console to setup or modify machine groups, update patch groups, or schedule operations.

If you are a current customer and are interested in upgrading to vCenter Protect Essentials Plus, register here to attend this live webinar on November 15th at 10am CST in which I will walk you through the new features and the product upgrade path.

Download is available here.

Happy Patching!

Chris Goettl
Customer-Product Owner
SMB Management Solutions

November 2011 Patch Tuesday Advanced Notification

Microsoft has released their advanced notification for the upcoming November edition of Patch Tuesday.  Microsoft is planning to release four new security bulletins addressing four  vulnerabilities.

Security Bulletin Breakdown:

  • 1 bulletin rated as Critical
  • 2 bulletins rated as Important
  • 1 bulletin rated as Moderate
  • 2 vulnerabilities fixed could lead to Remote Code Execution
  • 1 vulnerability fixed could lead to Elevation of Privilege
  • 1 vulnerability fixed could lead to Denial of Service

 Affected Products:

  • All supported Microsoft Operating Systems


On the non-Microsoft front, be prepared for new versions of products in the Mozilla family.  New versions of Firefox, Thunderbird and SeaMonkey should be available on Patch Tuesday.

I will be talking about November’s Patch Tuesday next Wednesday, November 8th at 11:00am CST in part of our monthly Patch Tuesday webinar.  Click here to register for the webinar.

– Jason Miller