Go Back   This Blue Marble, a Global Current Events Discussion Forum > Main Floor > Technology

Technology Humans are tool-users, and technology is where our science becomes reality, giving us the powerful electronic and mechanical tools that mostly make our lives easier, yet more complex, and at times frustrating.

Reply
 
Thread Tools Search this Thread Display Modes
Old 02-09-2010, 07:33 PM   #1
Ought Six
Dismember
 
Ought Six's Avatar
 
Join Date: Oct 2008
Posts: 35,164
Blog Entries: 15
Thanks: 176
Thanked 390 Times in 326 Posts
Arrow Microsoft Plugs 26 Vulnerabilities With 13 Patches In Record Update

Microsoft Plugs 26 Vulnerabilities With 13 Patches In Record Update


Stefanie Hoffman
ChannelWeb
Tue. Feb. 09, 2010


Microsoft (NSDQ:MSFT) released a record 13-patch security update for its February Patch Tuesday, repairing a total of 26 vulnerabilities in Windows and Office.

Of the 13 patches Microsoft released Tuesday, five are rated critical, seven are given the slightly less severe ranking of "important," and one is deemed "moderate."

The majority of bulletins -- 11-- addressed security vulnerabilities in Windows, while the remaining two affect older versions of Microsoft Office. Altogether, the monster patch plugged security critical holes in SMB client, ActiveX, Windows Shell Handler, Windows TCP/IP and Microsoft DirectShow.

Microsoft researchers say that one of the top priorities for users patching their systems should be a critical vulnerability in DirectShow. Hackers could infect victims with malware by hosting a malicious AVI file on a Web site, and then entice a user to visit the site with a malicious link embedded in an e-mail or IM message, typically through some social engineering scheme.

Meanwhile, experts also say that some of the most critical vulnerabilities addressed by patch MS10-009, occur in the Windows TCP/IP. Hackers could exploit the vulnerabilities to launch malware by sending infected packets to a computer with IPv6 enabled. The attackers could then crash a user's system in addition to stealing financial and personally identifying data.

"Even if an attacker isn't able to gain remote code execution, they may just be able to crash the system," said Joshua Talbot, security intelligence manager for Symantec (NSDQ:SYMC) security response. "That could have some severe implications for critical infrastructure."

Security experts say that the flaw enables hackers to launch malicious attacks on victim's computers by embedding code inside MS Office files or on Web sites. "Simply browsing an infected Web site will compromise unsuspecting users -- not great for all the holiday shoppers looking to get a jump on their shopping," said Andrew Storms, director of security operations for nCircle, in an e-mail. "The novelty value of this bug is likely to attract researchers. A lot of people will try to be the first to publicly post exploit code."

Talbot also highlighted several bugs in the Server Message Block Server, repaired by Microsoft bulletin MS10-012, which allows hackers to launch malicious attacks by creating a malicious SMB packet and sending it to a vulnerable computer. While the vulnerability is mitigated by the fact that it requires authentication, Talbot pointed out that attackers could exploit the flaw by easily bypassing guest account restrictions.

"SMB servers are often used for data repositories to share files throughout companies. This could be a particularly interesting target for attackers to steal information," Talbot said.

And not just for insiders, he added. "If (victims) didn't' have proper firewalling, an attacker could reach the server via the Internet. It's common for corporations to have laptops and employees that use unsecured wireless. All it takes is one attacker sitting on that wireless network."

Microsoft also released a critical patch for a vulnerability in the Windows Shell Handler affecting Windows 2000, Windows XP and Windows Server 2003, which attackers could exploit by sending a malicious link that appears to the ShellExecute API to be valid. In addition, Redmond issued a cumulative critical patch for ActiveX Killbit flaws.

While so far there are no in-the-wild attacks exploiting the vulnerabilities, proof-of-concept exploit code exists for two vulnerabilities addressed by Microsoft bulletin MS10-015, addressing errors designated as "important" in the Windows Kernel that could enable elevation of privileges if an attacker logged onto the system then ran a malicious application.

So far, security researchers say they have seen no attacks exploiting the issue.

Despite that fact, Microsoft researchers advised users to upgrade their aging legacy systems to protect themselves from possible threats that may emerge after the patches are released. Many of the most critical patches repaired vulnerabilities in aging Windows systems, such as Windows 2000, XP and Server 2003. "We encourage customers to upgrade to the latest versions of both Windows and Office. As this bulletin release shows, the latest versions are less impacted overall due to the improved security protections built into these products," Microsoft said in a company blog post.
__________________
* I have the right to live, thus I have the right to defend my life from attackers who would take it from me.
* I have the right to my private property, thus I have the right to defend my property from thieves who would take it from me.
* I have the right to self-determination, thus I have the right to defend my liberty from tyrants who would take it from me.
* The only usable tools for these tasks are guns, and thus I have the right to shoot anyone who would take my guns from me.
Ought Six is offline   Reply With Quote
Reply

Tags
microsoft, patches, plugs, record, update, vulnerabilities

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 01:12 AM.


Powered by vBulletin®
Copyright © Jelsoft Enterprises Ltd.