Time flies. Another month has gone by and Patch Tuesday is upon us again. Microsoft is delivering 13 security bulletins this month, a virtual avalanche of updates after a relatively quiet January that saw only one security bulletin on Patch Tuesday, plus one released out-of-band mid-month to fix a zero-day vulnerability in Internet Explorer that was used to attack Google and other companies in China.
According to Qualys CTO Wolfgang Kandek, that out-of-band security bulletin saved February from breaking the record for most security bulletins in a month. "Microsoft's February 2010 was slated to be the biggest release for Microsoft patches in the last two years--14 bulletins addressing 34 vulnerabilities. But the Google/CN Internet Explorer 0-day forced Microsoft to accelerate the testing of the planned IE bulletin and release it early, still in January. That leaves 13 bulletins covering 26 vulnerabilities for the February release, which constitutes one of the bigger patch Tuesdays."
Kandek explains, "There are 5 critical vulnerabilities for the Windows Operating System family--the newer versions, Windows 7 and Windows 2008 R2, are only affected by three of them. Rewrites of the TCP/IP stack and the URI handling in Windows 7 and 2008 R2 improved on the implementation of these core OS capabilities. Highest on our list for patching are MS10-006 SMB client and MS10-013 DirectShow, which affect all versions of Windows and have a low exploitability index. Next are MS10-007 Shell URI handling, which is critical for Windows 2000, XP and 2003 and MS10-008, an update to the ActiveX Killbit settings, applicable to all platforms."
"The SMB Server pathname overflow vulnerability tops my list this month," said Joshua Talbot, security intelligence manager, Symantec Security Response. "Server-side vulnerabilities aren't too common anymore, but they're a golden goose for attackers when they are discovered. With this one, if an attacker can find a vulnerable remote server that has a guest account set up, just like that, they've got access to the machine and possibly the entire local network--all without any user involvement required."
Golden geese aside, Tyler Reguly, lead research engineer for nCircle, commented via e-mail with a different perspective. "For the end user, the concerns definitely lie with client-side software. From today's advisories, Microsoft Office, Windows Media Player and even Microsoft Paint are the types of tools that most of those users will have. I'm willing to risk sounding like a broken record: patching is a must. Every user should be running automatic updates on their PC and ensuring that their software stays as up to date as possible."
nCircle director of security Andrew Storms echoed Reguly's concern with MS10-013. "The most important bug by far for all IT security teams is the MS10-013, a bug in Microsoft media player. The nature of the exploit lends itself to drive-by attacks that leave unsuspecting victims infected. Since media is what excites people most on the Internet today, an exploit of this bug would make it extremely easy to entice users to watch videos that are actually gateways to malware."
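The researchers quoted above each name a precondition or control a defender can verify locally: Talbot's SMB scenario needs an enabled guest account on a host exposing SMB, Reguly and Storms want automatic updates on and the month's bulletins actually installed. The script below is an added example, not part of the article or any vendor's tooling, that checks those conditions on a single Windows host. It assumes PowerShell 2.0 or later and uses only WMI, the registry, netstat and Get-HotFix so it also runs on the Windows XP/2003/Vista/2008 systems the article discusses. The KB numbers that map to MS10-006, MS10-012 and MS10-013 are not on this page, so they are not hard-coded; pass whichever KB IDs you have verified from the bulletins in the -KB parameter (the IDs in the comment are placeholders).

```powershell
# Added example (not from the article): local exposure check for the
# conditions the quoted researchers describe. Requires PowerShell 2.0+.
param(
    [string[]]$KB = @()   # e.g. -KB KB000001,KB000002  (placeholders, not real KBs)
)

# 1. Guest account (Talbot's SMB scenario). RID 501 identifies the built-in
#    Guest account even if it has been renamed.
$guest = Get-WmiObject Win32_UserAccount -Filter "LocalAccount=True" |
    Where-Object { $_.SID -like 'S-1-5-*-501' }
if ($guest -and -not $guest.Disabled) {
    Write-Warning "Guest account '$($guest.Name)' is ENABLED"
} else {
    Write-Output "Guest account disabled or absent"
}

# 2. SMB exposure: is anything listening on TCP 445? netstat is used instead
#    of Get-NetTCPConnection because the latter needs Windows 8 / Server 2012.
$smbListening = netstat -an | Select-String ':445\s+\S+\s+LISTENING'
if ($smbListening) {
    Write-Warning "SMB (TCP 445) is listening"
    # Non-administrative disk shares are what a guest could actually reach.
    Get-WmiObject Win32_Share | Where-Object { $_.Type -eq 0 } |
        ForEach-Object { Write-Output "Share: $($_.Name) -> $($_.Path)" }
} else {
    Write-Output "SMB (TCP 445) is not listening"
}

# 3. Automatic Updates (Reguly). AUOptions: 1 = disabled, 2 = notify only,
#    3 = download but install manually, 4 = download and install on schedule.
#    Domain policy can override this under HKLM:\SOFTWARE\Policies\...; that
#    path is not checked here.
$auKey = 'HKLM:\SOFTWARE\Microsoft\Windows\WindowsUpdate\Auto Update'
$au = Get-ItemProperty $auKey -ErrorAction SilentlyContinue
switch ($au.AUOptions) {
    4       { Write-Output  "Automatic Updates: download and install automatically" }
    3       { Write-Warning "Automatic Updates: download only, install is manual" }
    2       { Write-Warning "Automatic Updates: notify only" }
    1       { Write-Warning "Automatic Updates: DISABLED" }
    default { Write-Warning "Automatic Updates setting not found (possibly policy-managed)" }
}

# 4. Installed hotfixes: report each requested KB as present or missing.
$installed = Get-HotFix | Select-Object -ExpandProperty HotFixID
foreach ($id in $KB) {
    if ($installed -contains $id) { Write-Output  "$id installed" }
    else                          { Write-Warning "$id MISSING" }
}
```

Run it from an elevated prompt so WMI and Get-HotFix return complete results. On a domain member, treat the AUOptions result as advisory, since WSUS or Group Policy settings live under the Policies hive and take precedence over the key read here.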