Microsoft patches five holes, nukes six certificates

Powered by SC Magazine
 

Light updates hard on DigiNotar.

Microsoft released five bulletins rated as "important" yesterday – its lightest Patch Tuesday of the year.

Pete Voss, from Microsoft's Trustworthy Computing, said because nothing was rated as "critical", none of the patches were given a level one deployment priority.

However, Tyler Reguly, technical manager of security research and development at nCircle, said priority should be given to the Excel patch because Microsoft accidentally released the patches last Friday.

Qualys technology head Wolfgang Kandek said top priority should be given to MS11-072, which fixed an arbitrary code execution vulnerability in all versions of Excel.

“To exploit this issue, attackers could create malicious Excel files, which when opened on vulnerable hosts can take control of the system," he said.

"Priority should also be given to MS11-073, which fixes a code execution vulnerability in Microsoft Office versions 2003, 2007 and 2010, including Microsoft Word. Attackers could use a malicious word file (CVE-2011-1982) to execute code on victim machines.”

Vmware research and development head Jason Miller said vulnerability MS11-073 addressed an issue with Microsoft Office that would be difficult to exploit, and offered two attack scenarios.

"Scenario one: An attacker entices a user to open an Office file located in a directory with a malicious DLL (this scenario would most likely have an attacker already on a corporate network in order to plant the malicious DLL)."

“Scenario two: An attacker sends a malicious Office document and entices the user to save the file, and subsequently open the file in a directory that contains a malicious DLL. Both of these scenarios can be prevented if the Microsoft Office File Validation Add-in is installed. This feature was originally introduced in Microsoft Office 2010. Microsoft has since provided this defence-in-depth measure through an update.”

Kandek also highlighted bulletin MS11-070, which patches a DLL preloading issue that affects the deskpan.dll component in all versions of Windows.

“Only Microsoft server operating systems are affected by this vulnerability (Windows 2003, Windows 2008, Windows 2008 R2). In order for an attacker to carry out an exploit, the attacker must have access and login credentials to the machine. Once on the machine, the attacker could send a malicious WINS request to the local loopback network address of the machine. This could result in elevation of privilege,” said Miller.

Microsoft also banned six additional DigiNotar root certificates, cross-signed by Entrust and GTE.

nCircle security director Andrew Storms said Microsoft "anything and everything associated with DigiNotar is getting purged”.

Elsewhere, Skype has issued support for Windows 8, while Adobe released critical vulnerability patches for its Acrobat and Reader products.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, US edition


Microsoft patches five holes, nukes six certificates
 
 
 
Top Stories
Business-focused Windows 10 brings back the Start menu
Microsoft skips 9 for the "greatest enterprise platform ever".
 
Feeling Shellshocked?
Stay up to date with patching for the Bash bug.
 
Amazon forced to reboot EC2 to patch Xen bug
Rolling restarts over next week.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Constantly rushing to the printer to stop other people seeing your printouts?
Sep 24, 2014
Lexmark's latest family of small-business printers include a feature that lets you stop anyone ...
This 4G smartphone costs $219
Sep 3, 2014
It's possible to spend a lot less on a smartphone if you're prepared to go with a brand you ...
Looking for storage? Seagate has five new small business NAS devices
Aug 22, 2014
Seagate has announced a new portfolio of Networked Attached Storage (NAS) solutions specifically ...
Run a small business in western Sydney?
Aug 15, 2014
This event might be of interest if you're looking to meet other people with a similar interest ...
Buying a tablet? Microsoft's Surface Pro 3 goes on sale this month
Aug 8, 2014
Microsoft has announced its Surface Pro 3 will go on sale in Australia on 28 August from ...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  66%
 
Advanced persistent threats
  4%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1357

Vote