Microsoft has released 6 new security bulletins for December. They have also released two new security advisories as well as one bulletin that has been re-released. In addition to the Microsoft releases, even though Adobe’s quarterly security update is scheduled for next month, they are planning to release a security bulletin for Adobe Flash and Adobe Air today.
A quick rundown of today’s patches:
MS09-072 is the first security bulletin administrators should address on their network. This bulletin is a cumulative update for Internet Explorer. Microsoft usually releases a cumulative update for Internet Explorer every other month, and …
Read More»
Last week marked the arrival of Windows 7 to the market. We had the operating system in our hands for the past couple of months and have done some extensive testing with it. It is definitely a bit snappier in terms of speed compared to Windows 7.
On the security side of Windows 7, you shouldn’t be looking for anything major. This release was focused on the user experience. A lot of the features introduced in Windows 7 address the “black eyes” the Windows Vista operating system received during its release.
Although, there are some worthwhile security improvements in Windows 7 to …
Read More»
Tomorrow will mark the one year anniversary of the MS08-067 software vulnerability in the Windows Server Service. This is the vulnerability the Conficker worm exploited.
Microsoft released this patch “out-of-band”, unbeknownst, to the security industry. When I looked at this security bulletin in detail, I was instantly alarmed. The vulnerability allowed remote code execution as well as being out-of-band. Well, ok, this may sound like a lot of vulnerabilities Microsoft patches each month.
This security bulletin was different for two reasons:
This vulnerability affected the Windows Server Service. Ah, but what uses that service? Pretty much every computer running Windows has this service …
Read More»
Microsoft has released 13 new security bulletins in the October 2009 version of Patch Tuesday. Eight bulletins are rated with a severity rating of Critical. The remaining five security bulletins have a severity rating of Important. For the first time, Windows 7 and Windows 2008 R2 are affected by security bulletins. The sheer volume of bulletins and subsequent patches this month will likely give administrator fits.
Two previously active Microsoft Security Advisories have been closed out:
Security Advisory 975497: Vulnerabilities in SMB Could Allow Remote Code Execution
Security Advisory 975191: Vulnerabilities in the FTP Service in Internet Information
These security advisories have …
Read More»
Mark Wodrich and Jonathan Ness from Microsoft’s Security Research and Defense team have provided updates regarding the SMBv2 zero-day vulnerability (Security Advisory 975497).
Some highlights:
The exploit can be detected by intrusion detection systems (IDS) and firewalls that have signatures for the vulnerability being targeted (CVE-2009-3103).
This exploit code from Immunity is only available to a small group of companies and organizations who will use it to determine the risk to their own networks and systems, or those of their customers. (We are aware that other groups are actively working on exploit code which is likely to be made public when it is …
Read More»
It has only been a few days since patch Tuesday, but Microsoft has already revised security bulletin MS09-048.
Microsoft has added Windows XP SP2, SP3 and Windows XP x64 SP2 as affected products for this bulletin. Although, Microsoft is not issuing patches for these systems. They have also updated the security bulletin to add more details on why they are not supplying patches for these operating systems.
“The denial of service attacks require a sustained flood of specially crafted TCP packets, and the system will recover once the flood ceases. This makes the severity rating Low for Windows XP.”
As they …
Read More»
Microsoft has just announced a new security advisory regarding the SMB flaw reported today in Security Advisory 975497.
There is indeed an issue with SMB 2.0 that can result in remote code execution on a targeted system. The vulnerability affects Windows Vista and Windows 2008. Important note: Windows 7 and Windows 2008 R2 are not affected by this vulnerability. The reports earlier today had droves of people unofficially confirming that Windows 7 was affected. The version of Windows 7 they were able to reproduce the vulnerability on was Windows 7 RC (release candidate). Microsoft has posted workarounds on the …
Read More»
In case you may have missed it, Microsoft also re-released Security Bulletin MS09-037. This bulletin was released last month to addres the Microsoft ATL vulnerability in their products. Microsoft Windows Media Center 2005 and all Windows Vista editions have been added as an affected product. When going through this months patch cycle, be sure to look for this patch missing as well.
Re-releasing a bulletin is not uncommon for Microsoft on a scheduled patch Tuesdays. These re-releases are typically unannounced and can slip by your radar when focused on the burden of patch Tuesday.
Read More»
Microsoft has released 5 new security bulletins in the September version of Patch Tuesday. All bulletins are rated with a Critical severity rating. This month, Windows 7 is not an affected product for the bulletins and vulnerabilities. All bulletins are not publically known at this time.
The most important bulletin to install first is MS09-048. This bulletin resolves 3 vulnerabilities in the networking component TCP/IP. In two of the vulnerabilities, attacks could cause a Denial of Service on target machines by sending specially crafted network packets that will cause the system to freeze or automatically restart. The other vulnerability …
Read More»
