Tis the season of good friends, good food, good conversation and of course patching your network. Today marks the final Patch Tuesday of 2011, and it’s a big one. Microsoft is giving the gift of 13 security bulletins addressing 19 vulnerabilities to add to the stress of this holiday season. Not to be outdone by Microsoft, other software vendors such as Google and Adobe are also joining in on the season of giving by releasing updates of their own. This combination of Microsoft and non-Microsoft patch releases will definitely keep us busy this season.
On the Microsoft side, there …
Read More»
Microsoft has released their advanced notification for the December 2011 edition of Patch Tuesday. Microsoft is giving the gift of 14 security bulletins addressing 20 vulnerabilities this holiday season.
Security Bulletin Breakdown:
3 bulletins rated as Critical
11 bulletins rated as Important
10 vulnerabilities could lead to Remote Code Execution
1 vulnerability could lead to Information Disclosure
3 vulnerabilities could lead to Elevation of Privilege
Affected Products:
All supported Microsoft Operating systems
Publisher 2003, 2007
Excel 2003
PowerPoint 2007, 2010
Office 2007, 2010
PowerPoint Viewer 2007
Office Compatibility Pack 2007
On the non-Microsoft front, Adobe released a security advisory (APSA11-04) for a zero-day vulnerability affecting Adobe Acrobat/Reader 9/10 on December 6th. …
Read More»
Microsoft has released four new security bulletins for this edition of Patch Tuesday. These four security bulletins address four vulnerabilities.
The first bulletin administrators should address is MS11-083. This bulletin addresses one vulnerability in Windows TCP/IP. If an attacker sends a stream of malicious User Datagram Protocol (UDP) network packets to an unpatched machine, the attacker could gain control over the affected system. With this type of an attack scenario, alarms could be raised about the potential of a vulnerability that is used in a worm. However, there are a few items that will make it difficult …
Read More»
It is patch week once again, but before the patch announcements and Patch Tuesday webinar start to fill your week I wanted to let you know what a couple hundred of our customers have already found out. VMware vCenter Protect Essentials Plus 8.0 (formerly Shavlik NetChk Protect) is now available. For those of you who have not seen the new features of the latest release they are focused on making day to day IT Management easier.
Check out the ITScripts feature and integration with RDP which provide some handy and quick solutions for any …
Read More»
Microsoft has released their advanced notification for the upcoming November edition of Patch Tuesday. Microsoft is planning to release four new security bulletins addressing four vulnerabilities.
Security Bulletin Breakdown:
1 bulletin rated as Critical
2 bulletins rated as Important
1 bulletin rated as Moderate
2 vulnerabilities fixed could lead to Remote Code Execution
1 vulnerability fixed could lead to Elevation of Privilege
1 vulnerability fixed could lead to Denial of Service
Affected Products:
All supported Microsoft Operating Systems
On the non-Microsoft front, be prepared for new versions of products in the Mozilla family. New versions of Firefox, Thunderbird and SeaMonkey should be available on Patch Tuesday.
I will be …
Read More»
Microsoft has released eight new security bulletins in their October 2011 version of Patch Tuesday. These eight new security bulletins address 23 vulnerabilities.
The bulletin administrators should look at patching first is the bi-monthly cumulative update for Microsoft Internet Explorer. Security bulletin MS11-081 addresses eight individual vulnerabilities in Internet Explorer. A user visiting a malicious web page with an unpatched Internet Explorer browser could lead to remote code execution. As with every security update for Internet browsers (Microsoft or other browser vendors), patching browsers will be top priority because the vulnerabilities fixed with each security bulletin release …
Read More»
Microsoft has released their October 2011 Patch Tuesday Advanced notification. Microsoft is planning to release 8 new security bulletins addressing 23 vulnerabilities.
Security Bulletin Breakdown:
2 bulletins are rated as Critical
6 bulletins are rated as Important
6 vulnerabilities fixed could lead to Remote Code Execution
1 vulnerability fixed could lead to Elevation of Privilege
1 vulnerability fixed could lead to Denial of Service
Affected Products:
All supported Microsoft operating systems
Microsoft Internet Explorer
Microsoft .NET Framework
Microsoft Host Integration Server 2004, 2006, 2009, 2010
Microsoft Silverlight 4
Microsoft Forefront Unified Access Gateway 2010
I will be going through each bulletin thoroughly next Wednesday, October 12th at 11:00am CDT in part of …
Read More»
Microsoft has released their scheduled monthly Security Bulletin release with 5 bulletins addressing 15 vulnerabilities.
MS11-070 addresses 1 vulnerability in the WINS service. Only Microsoft server operating systems are affected by this vulnerability (Windows 2003, Windows 2008, Windows 2008 R2). In order for an attacker to carry out an exploit, the attacker must have access and login credentials to the machine. Once on the machine, the attacker could send a malicious WINS request to the local loopback network address of the machine. This could result in elevation of privilege.
MS11-071 brings back the DLL preloading issue …
Read More»
Microsoft has announced their plans for the September 2011 edition of Patch Tuesday. Microsoft is planning to release 5 new security bulletins. Although this is Microsoft’s ‘light’ Patch Tuesday, we are seeing quite a few Microsoft products being patched this month.
Security Bulletin Breakdown:
2 bulletins affect Microsoft operating systems
3 bulletins affect Microsoft Office and server-based products
5 bulletins are rated as Important
3 vulnerabilities fixed could lead to Remote Code Execution
2 vulnerabilities fixed could lead to Elevation of Privilege
Affected Products:
All supported Microsoft operating systems
Office 2003, 2007, 2010 (Excel)
Groove Server 2007
SharePoint Workspace 2010
Excel Viewer
Office Compatibility Pack 2007
SharePoint Server 2007, 2010
Office Forms Server …
Read More»
With the August 2011 edition of Patch Tuesday, Microsoft has just released 13 bulletins addressing 22 vulnerabilities. This month marks a “heavy” month for Microsoft for Patch Tuesday.
The first bulletin administrators should look at patching first is the bi-monthly cumulative update for Microsoft Internet Explorer (MS11-057). This bulletin addresses typical vulnerabilities in Internet Explorer where browsing to a malicious website could result in remote code execution. Two of the seven vulnerabilities fixed with this bulletin are publicly known. At this time, Microsoft has not received any reports of attacks against the vulnerabilities. With any publicly disclosed …
Read More»
