Tag Archives: execution

Windows Patch Tuesday – April 2009

Microsoft released 8 security bulletins on Tuesday (April 14, 2009) to fix remote code execution and denial of service vulnerabilities.

We have always recommended, on this site, that users ensure that Windows Automatic Update is enabled as a major step in maximizing operating system security.

It is not an overstatement to say that an unpatched Windows system is an invitation to disaster.

If you have updates enabled, patches will be downloaded routinely. Careful users will verify that patches have, in fact, been applied.

If Windows Automatic Update is not enabled on your system, then you should log on to the MS update site and download and apply these patches immediately.

Vulnerability issues and the corresponding patches:

MS09-010/KB923561 – Important (XP, 2000, 2003): There are four bugs (two previously disclosed publicly, two previously undisclosed) that affect a variety of word processing documents and can allow remote code execution.

MS09-011/KB961373 – Critical (XP, 2000, 2003): This patch closes a hole that let attackers execute code remotely through MJPEG files; the bug is in DirectX 8.1 and 9.0x.

MS09-012/KB952004/KB956572 – Important (XP, Vista, 2000, 2003, 2008): This patch resolves four holes in Windows that have already been publicly disclosed. The holes allow an attacker who is already logged on to the system to escalate their privileges and take full control of the system.

MS09-013/KB960803 – Critical (XP, Vista, 2000, 2003, 2008): This patch addresses three bugs in the Windows HTTP Services system; one of them allows remote code execution, which lets an attacker completely own a system. This is a “must patch” item for all Windows systems.

MS09-014/KB963027 – Critical (XP, Vista, 2000)/Important (2000, 2003): This is a cumulative security update for Internet Explorer 5, 6, and 7. Some of the fixes address already public bugs, some deal with privately disclosed exploits. You should install this patch immediately. Users with IE8 do not need this patch.

MS09-015/KB959426 – Moderate (XP, Vista, 2003, 2008)/Low (2000): This patch takes care of a problem with the Windows Search Path function that could enable an escalation of privileges.
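One way to verify that these patches have in fact been applied, shown as an added example that is not part of the original post: it compares the KB numbers listed above against the hotfixes Windows reports as installed. It assumes Windows PowerShell 2.0 or later (for `Get-HotFix`); the variable names are illustrative.

```powershell
# Bulletin-to-KB map copied from the April 2009 list above.
$bulletins = @(
    @{ Id = 'MS09-010'; KBs = @('KB923561') },
    @{ Id = 'MS09-011'; KBs = @('KB961373') },
    @{ Id = 'MS09-012'; KBs = @('KB952004', 'KB956572') },
    @{ Id = 'MS09-013'; KBs = @('KB960803') },
    @{ Id = 'MS09-014'; KBs = @('KB963027') },
    @{ Id = 'MS09-015'; KBs = @('KB959426') }
)

# Query the installed hotfix list once instead of once per KB.
$installed = @(Get-HotFix -ErrorAction SilentlyContinue |
    ForEach-Object { $_.HotFixID })

$report = foreach ($b in $bulletins) {
    foreach ($kb in $b.KBs) {
        # -contains is case-insensitive, so 'kb961373' would also match.
        $state = if ($installed -contains $kb) { 'installed' } else { 'not found' }
        New-Object PSObject -Property @{
            Bulletin = $b.Id
            KB       = $kb
            Status   = $state
        }
    }
}

$report | Select-Object Bulletin, KB, Status | Format-Table -AutoSize

# Summarize anything that needs a closer look.
$missing = @($report | Where-Object { $_.Status -eq 'not found' })
if ($missing.Count -gt 0) {
    Write-Warning ("{0} of {1} listed KBs were not found on this system." -f `
        $missing.Count, @($report).Count)
}
```

A "not found" result does not by itself mean the system is exposed: a KB may not apply to the installed Windows version, or may have been superseded by a later update, so check those entries against the bulletin before acting.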


Massive Patch Tuesday – 28 Vulnerabilities Patched

There are currently 28 vulnerabilities in unpatched Microsoft Windows, Internet Explorer and Microsoft Office that could allow cyber-criminals to launch malicious attacks on your computer.

On Patch Tuesday, December 9, 2008, Microsoft released security patches to address these issues.

Vulnerability issues and the corresponding patches:

MS08-070 (critical; 6 vulnerabilities fixed): This update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls), which could allow remote code execution if a user browsed a Web site that contains specially crafted content.

MS08-071 (critical; 2 vulnerabilities fixed): This update resolves two privately reported vulnerabilities in Windows, which could allow remote code execution if a user opens a specially crafted WMF image file.

MS08-072 (critical; 8 vulnerabilities): This update resolves eight privately reported vulnerabilities in Microsoft Office, which could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file.

MS08-073 (critical; 4 vulnerabilities fixed): This update resolves four privately reported vulnerabilities in Internet Explorer, which could allow remote code execution if a user views a specially crafted Web page using Internet Explorer.

MS08-074 (critical; 3 vulnerabilities): This update resolves three privately reported vulnerabilities in Microsoft Office, which could allow remote code execution if a user opens a specially crafted Excel file.

MS08-075 (critical; 2 vulnerabilities): This update resolves two privately reported vulnerabilities in Windows, which could allow remote code execution if a user opens and saves a specially crafted saved-search file within Windows Explorer or if a user clicks a specially crafted search URL.

MS08-076 (important; 2 vulnerabilities): This update resolves two privately reported vulnerabilities in Windows, which could allow remote code execution.

MS08-077 (important; 1 vulnerability): This update resolves one privately reported vulnerability in Microsoft Office SharePoint, which could allow elevation of privilege if an attacker bypasses authentication by browsing to an administrative URL on a SharePoint site. A successful attack could result in denial of service or information disclosure.

It is not an overstatement to say that an unpatched Windows system is an invitation to disaster. If you have Windows Update turned on, you’re covered; if not, I highly recommend that you download the patches manually, immediately.

Updated December 12, 2008:

The details being published about this week's IE 0-day are incorrect and insufficient to protect users. Read more:
http://secunia.com/blog/38/

The updated Secunia Advisory is available here:
http://secunia.com/advisories/33089/
