Two critical patches for IE and Silverlight released

Powered by SC Magazine
 

MS11-081 a priority.

Microsoft released eight security bulletins yesterday to address 23 vulnerabilities.

As revealed by SC, two of the patches are rated as critical, while the remaining six are rated as important.

According to Wolfgang Kandek, CTO of Qualys, highest priority should be given to MS11-081, which patches a code execution vulnerability in Internet Explorer.

“The exploit occurs when a victim uses IE to browse a malicious website. High priority should also be given to MS11-078, which fixes a vulnerability in Microsoft Silverlight and the .NET framework. This vulnerability is also exploited when a victim browses a malicious website with a Silverlight-enabled browser.”

Marcus Carey, security researcher and community manager at Rapid7, said: “When I look at security vulnerabilities, first I want to understand which ones can have the most widespread impact. MS11-081 is a cumulative update which affects Internet Explorer, so it relates to both corporate and home users.

“As far as we know, none of the vulnerabilities have been used in the wild. Having said that, this is something that systems administrators and home users should be patching as soon as possible.

“MS11-078 is an interesting bulletin because it requires administrators to patch both .NET and Silverlight installations. Patching to mitigate the vulnerabilities associated with this bulletin is critical, so administrators need to be diligent in applying both fixes, or else this vulnerability will persist.”

Tyler Reguly, technical manager, security and research development, at nCircle, said: “If I were responsible for patching systems, I'd want to patch IE first. It will be interesting to see if the vulnerability code for Silverlight 3 is released this month as Microsoft predicted. I'm curious to know how many people are running Silverlight 3 versus Silverlight 4. With Silverlight, I'm not always sure what I'm running.”

Jason Miller at VMware agreed that MS11-081 should be the priority because the vulnerabilities in browsers are top exploit targets for attackers.

Regarding MS11-078, Miller said: “If an attacker can entice a user to visit a malicious site, a vulnerability could then be exploited that results in remote code execution. With most 'browse then attack' scenarios, the vulnerability is attacked through the browser.

“It is important to note that Microsoft .NET Framework patches typically take quite a while to run. The patches can also be quite large for each version of the program (example: the .NET 4.0 update ranges from 10MB to 22MB in size).”

In regard to the other patches, Kandek said they should be scheduled after the critical bulletins are patched. He said: “Two DLL preloading issues were fixed by MS11-075 and MS11-076. More information about DLL preloading and workarounds can be found in advisory 2269637 from last year.

“Two local EoP issues were fixed in win32k.sys and AFD.sys by MS11-077 and MS11-080. To exploit these issues, attackers already need to have access to the target systems to gain higher privileges. Two patches were released for less pervasive technologies, namely Forefront Unified Access Gateway and Host Integration Server. In our opinion, the exposure for this is very low, but if your corporation uses these technologies, then patching is recommended.”

Carey said: “MS11-079 for Microsoft Forefront will affect the smallest number of organisations, because security infrastructure is one of the few areas where Microsoft isn't dominant. The specially crafted URL warning is indicative of a Cross Site Scripting (XSS) vulnerability.

“Forefront gives organisations VPN access to their internal networks, so an attacker would be able to exploit the vulnerability to steal login credentials and gain access to customer data. If you are running Forefront, I recommend testing and patching as soon as possible.”

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, US edition


Two critical patches for IE and Silverlight released
 
 
 
Top Stories
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
Will Nutanix be outflanked before reaching IPO?
VMware muscles in on storage startup in hyper-converged infrastructure.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Looking for storage? Seagate has five new small business NAS devices
Aug 22, 2014
Seagate has announced a new portfolio of Networked Attached Storage (NAS) solutions specifically ...
Run a small business in western Sydney?
Aug 15, 2014
This event might be of interest if you're looking to meet other people with a similar interest ...
Buying a tablet? Microsoft's Surface Pro 3 goes on sale this month
Aug 8, 2014
Microsoft has announced its Surface Pro 3 will go on sale in Australia on 28 August from ...
Apple's top MacBook Pro with Retina is now cheaper
Aug 1, 2014
Apple has updated its MacBook Pro range with faster processors and new pricing, including ...
Pass on carbon tax savings, warns ACCC
Jul 24, 2014
The ACCC is warning businesses that supply "regulated goods" to pass on any cost savings ...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  69%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  7%
 
Insider threats
  11%
TOTAL VOTES: 630

Vote