After a record-breaking October, IT administrators are welcoming a relatively light Patch Tuesday this month. But security researchers said there are serious issues that need to be addressed quickly.
Of the six patches Microsoft released Tuesday, three are critical. The three critical fixes focus on bugs in several versions of Windows, but Windows 7 is apparently immune. There are also three updates rated important that IT administrators need to deploy.
MS09-065, a bug in the Windows kernel, is this month's most serious issue, according to Andrew Storms, director of security operations at nCircle. That's because the vulnerability allows for remote code execution, and the attack code can be embedded inside Microsoft Office files or be hosted on web sites.
"Simply browsing an infected web site will compromise unsuspecting users -- not great for all the holiday shoppers looking to get a jump on their shopping," Storms said. "The novelty value of this bug is likely to attract many researchers. A lot of people will try to be the first to publicly post exploit code."
Interesting Vista Bugs
There are three vulnerabilities this month that target a listening service, noted Tyler Reguly, a senior security engineer at nCircle. While none of them is likely to be considered a great candidate for exploitation, he said, they are worth noting because they all primarily affect the enterprise.
"It is unlikely that the home user will be running a license-logging server or have Active Directory up and running," Reguly said. "While Web Services on Devices affects Vista and Server 2008, the attack vector requires that you be on the local subnet, meaning the home user is unlikely to see any real risk."
As a researcher, Reguly found MS09-063 to be the most interesting bug. The bug affects the Web Services on Devices API, which was only introduced in Vista. It appears to have already been fixed in Windows 7 RTM.
"The Web Services on Devices API attack interests me greatly, as it's remote code execution on a listening service," Reguly said. "I'm rather excited to dig deeper into this one and find out how it works."
Noteworthy Server Patches
There are also fixes for Microsoft Excel and Microsoft Word in Tuesday's release. MS09-067 addresses eight vulnerabilities in Microsoft Excel, none of which are publicly known. MS09-068 affects Microsoft Word and addresses one vulnerability that is not publicly known. To exploit these vulnerabilities, an attacker would need a user to open a specially crafted Excel or Word document.