Video Screencast Help
Search Video Help Close Back
to help

Security Response

Showing posts tagged with Microsoft Patch Tuesday
Showing posts in English
Microsoft Patch Tuesday - September 2011
Robert Keith | 13 Sep 2011 20:02:22 GMT | 0 comments

Hello and welcome to this month’s blog regarding the Microsoft patch release. This is a smaller month in terms of patches—the vendor has released five bulletins covering a total of 15 vulnerabilities.

This month, all of the issues are rated “Important” and they affect Windows, Office, Excel, and SharePoint. Of note this month are the Office and Excel issues, which can be exploited to execute arbitrary code if a user opens a specially malformed file.

As always, customers are advised to follow these security best practices:

- Install vendor patches as soon as they are available.
- Run all software with the least privileges required while still maintaining functionality.
- Avoid handling files from unknown or questionable sources.
- Never visit sites of unknown or questionable integrity.
- Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft’s summary of...

Read more
Microsoft Patch Tuesday - August 2011
Robert Keith | 09 Aug 2011 20:02:05 GMT | 0 comments

Hello and welcome to this month’s blog on Microsoft's patch releases. This is an average month—the vendor is releasing 13 bulletins covering a total of 22 vulnerabilities.

Three of the issues are rated critical and they affect Internet Explorer and Windows DNS. The DNS issue could allow an attacker to take complete control of an affected computer. The remaining issues—rated important to moderate—affect Internet Explorer, Windows, Windows DNS, Visio, Visual Studio, and the Windows kernel.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available;
  • Run all software with the least privileges required while still maintaining functionality;
  • Avoid handling files from unknown or questionable sources;
  • Never visit sites of unknown or questionable integrity;
  • Block external access at the network perimeter to all key systems unless...
Read more
Microsoft Patch Tuesday - July 2011
Robert Keith | 12 Jul 2011 20:34:50 GMT | 0 comments

Hello and welcome to this month’s blog on Microsoft’s patch releases. This is an average month—the vendor is releasing four bulletins covering a total of 22 vulnerabilities.

Only one of the issues is rated ‘Critical’ and it affects the Microsoft Bluetooth Stack. An attacker in physical proximity to a vulnerable computer can exploit this issue for a complete compromise. The remaining issues, all rated “Important,” include a patch for a previously public issue in Microsoft Visio, and multiple local issues in the Client/Server Runtime Subsystem (CSRSS) and Windows kernel-mode drivers.

As always, customers are advised to follow these security best practices:

- Install vendor patches as soon as they are available.
- Run all software with the least privileges required while still maintaining functionality.
- Avoid handling files from unknown or questionable sources.
- Never visit sites of unknown or questionable integrity....

Read more
Inside a Back Door Attack
John McDonald | 29 Jun 2011 11:21:58 GMT | 0 comments

A colleague of mine recently wrote about one of the June “Microsoft Tuesday” vulnerabilities being exploited in the wild. Because we're a bit like that, we decided to allow the exploit to compromise one of our honeypot computers so we could observe what happened.

The exploit first came to our attention by way of email messages that were initially sent to a customer and then passed on to us for investigation. These messages were sent from an account hosted on a popular webmail service, contained very bad grammar, and were purportedly sent by a Chinese university student. The emails either asked for advice on a particular topic, or thanked the recipient for a recent presentation and included a question related to that presentation. The emails included a link to a Chinese restaurant and the destination Web page contained the exploit for an Internet Explorer 8 vulnerability:...

Read more
Microsoft Patch Tuesday - May 2011
Robert Keith | 10 May 2011 18:55:23 GMT | 0 comments

Hello and welcome to this month’s blog on the Microsoft patch release. This is very light month —the vendor is releasing two bulletins covering a total of three vulnerabilities.

One of the issues is rated ‘Critical’ and it affects Windows Internet Name Service (WINS). A remote attacker may be able to exploit this issue to completely compromise a vulnerable computer. The remaining issues are rated ‘Important’ and affect PowerPoint. As always, customers are advised to follow these security best practices:

- Install vendor patches as soon as they are available.

- Run all software with the least privileges required while still maintaining functionality.

- Avoid handling files from unknown or questionable sources.

- Never visit sites of unknown or questionable integrity.

- Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft’s summary of...

Read more
Microsoft Patch Tuesday - April 2011
Robert Keith | 12 Apr 2011 20:21:55 GMT | 0 comments

Hello and welcome to this month’s blog on the Microsoft patch release. This is by far the largest month —the vendor is releasing 17 bulletins covering a total of 64 vulnerabilities.

Thirteen of the issues are rated ‘Critical’ and they affect Internet Explorer, SMB Server, SMB Client, the OpenType Compact File format, and GDI+. One of the bulletins this month addresses a record 30 local privilege-escalation vulnerabilities in the Windows kernel-mode drivers.

 As always, customers are advised to follow these security best practices:

-     Install vendor patches as soon as they are available.

-     Run all software with the least privileges required while still maintaining functionality.

-     Avoid handling files from unknown or questionable sources.

-     Never visit sites of unknown or questionable integrity.

-  ...

Read more
Microsoft Patch Tuesday - March 2011
Robert Keith | 08 Mar 2011 19:18:42 GMT | 0 comments

Hello and welcome to this month’s blog on the Microsoft patch release. This is a quiet month —the vendor is releasing three bulletins covering a total of four vulnerabilities. Only one of the issues is rated ‘Critical’ and it affects Media Player and Media Center. The remaining issues, affecting DirectShow, Groove, and Remote Desktop Client, are rated ‘Important’, and are all due to how the applications load Dynamic Linked Library (DLL) files. As always, customers are advised to follow these security best practices:

- Install vendor patches as soon as they are available.

- Run all software with the least privileges required while still maintaining functionality.

- Avoid handling files from unknown or questionable sources.

- Never visit sites of unknown or questionable integrity.

- Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft’s...

Read more
Microsoft Patch Tuesday - February 2011
Robert Keith | 08 Feb 2011 19:45:25 GMT | 0 comments

Hello and welcome to this month’s blog on the Microsoft patch release. This is a fairly busy month —the vendor is releasing 12 bulletins covering a total of 22 vulnerabilities. Five of the issues are rated ‘Critical’ and they affect Internet Explorer, OpenType Fonts, and Windows Shell Graphics processing. The remaining issues are rated ‘Important’ and ‘Moderate’ and affect the Windows kernel, Visio, Active Directory, Internet Explorer, Internet Information Services, and Windows.

As always, customers are advised to follow these security best practices:

- Install vendor patches as soon as they are available.

- Run all software with the least privileges required while still maintaining functionality.

- Avoid handling files from unknown or questionable sources.

- Never visit sites of unknown or questionable integrity.

- Block external access at the network perimeter to all key systems unless...

Read more
Microsoft Patch Tuesday - January 2011
Robert Keith | 11 Jan 2011 19:36:34 GMT | 0 comments

Hello and welcome to this month’s blog on the Microsoft patch release. This is quiet month —the vendor is releasing two bulletins covering a total of three vulnerabilities. One of the issues is rated ‘Critical’ and it affects Microsoft Data Access Components (MDAC). The remaining two issues are rated ‘Important’ and affect MDAC and a previously public issue in Windows Backup Manager.

Attackers can exploit all of these issues to execute arbitrary code. As always, customers are advised to follow these security best practices:

- Install vendor patches as soon as they are available.

- Run all software with the least privileges required while still maintaining functionality.

- Avoid handling files from unknown or questionable sources.

- Never visit sites of unknown or questionable integrity.

- Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft...

Read more
Microsoft Patch Tuesday - December 2010
Robert Keith | 14 Dec 2010 19:21:07 GMT | 0 comments

Hello and welcome to this month’s blog on the Microsoft patch release. This is another large release —the vendor is releasing 17 bulletins covering a total of 40 vulnerabilities.

Eight of the issues are rated ‘Critical’ and they affect Internet Explorer and the OpenType Font (OTF) format driver. The remainder of the issues are rated ‘Important’ or ‘Moderate’ and affect Publisher, Office, SharePoint, Windows, Windows kernel, Exchange, and Hyper-V. Included in this patch release is a fix for the last of the vulnerabilities Stuxnet was exploiting, the Windows Task Scheduler issue.

 As always, customers are advised to follow these security best practices:

-     Install vendor patches as soon as they are available.

-     Run all software with the least privileges required while still maintaining functionality.

-     Avoid handling files from...

Read more