Category: Patch Tuesday

Microsoft Drops a 9 Security updates on Patch Tuesday

Paul

So I get home and here is what they updated for those who would like to keep track:

  • Vulnerabilities in Active Directory Could Allow Remote Code Execution (KB971055) — This update is only for Microsoft Windows 2000 Server, Windows Server 2003, Windows XP Professional and Windows Server 2003.  This one is Rated critical due to Remote Code Execution, which means a program can install malware or viruses on your system and you wouldn’t know it.

  • Cumulative Security Update for Internet Explorer (KB969897) —This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer.

  • Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (KB970483) —This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication.

  • Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (KB969462) — This security update resolves several privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object.

  • Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (KB961501) — This security update resolves three privately reported vulnerabilities in Windows Print Spooler. The most severe vulnerability could allow remote code execution if an affected server received a specially crafted RPC request.

  • Vulnerability in Windows Search Could Allow Information Disclosure (KB963093) — This security update resolves a privately reported vulnerability in Windows Search. The vulnerability could allow information disclosure if a user performs a search that returns a specially crafted file as the first result or if the user previews a specially crafted file from the search results.

  • Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (Kb957632) — This security update resolves a privately reported vulnerability in the Microsoft Works converters. The vulnerability could allow remote code execution if a user opens a specially crafted Works file.

  • Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (Kb968537) — This security update resolves two publicly disclosed and two privately reported vulnerabilities in the Windows kernel that could allow elevation of privilege.

    • [ad]

  • Vulnerability in RPC Could Allow Elevation of Privilege (Kb970238) — This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call (RPC) facility where the RPC Marshalling Engine does not update its internal state appropriately.

  • Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (Kb969514) — This security update resolves two privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Word file.

As you can see these are rated from being Critical to Moderate.   Each and every one of these should be updated and can be easily done using [intlink id=”2883″ type=”post”]Autopatcher[/intlink].   Something you should consider before doing these updates is to make a Restore point before proceeding or a [intlink id=”682″ type=”post”]Complete backup[/intlink], just in case.  Also it is suggested to install these at your earliest convenience due to the fact that the malware authors will start using and is called Exploit Wednesday. Also it wouldn’t hurt to install some[intlink id=”2205″ type=”page”] free Anti-virus and Free Firewalls[/intlink] instead of using Windows Firewall. This will help protect your in the future also.

Ms Patch Tuesday For June 2009

Paul

Photo by Andrew Magill Photo by Andrew Magill

Microsoft has released the upcoming patch information for this Tuesday, and boy does it look like a big one. It looks like there will be 10 bulletins this time around:

  • Bulletin 1: Critical (Remote Code Execution):   Windows

  • Bulletin 2: Critical (Remote Code Execution):   Windows

  • Bulletin 3: Critical (Remote Code Execution):   Windows, Internet Explorer

  • Bulletin 4: Critical (Remote Code Execution):   Office

  • Bulletin 5: Critical (Remote Code Execution):   Office

  • Bulletin 6: Critical (Remote Code Execution):   Office

  • Bulletin 7: Important (Elevation of Privilege):        Windows

  • Bulletin 8: Important (Elevation of Privilege):        Windows

  • Bulletin 9: Important (Elevation of Privilege):        Windows

  • Bulletin 10: Moderate (Information Disclosure):    Windows

It will also include one or more updates on WSUS and Windows update, and Microsoft Windows Malicious Software Removal Tool.   This looks to be quite a big set of updates.   Each one is very serious and will probably be a big download.   If your in corporate IT you may want to get ready the [intlink id=”2883″ type=”post”]Autopatcher program [/intlink]this will help update all the important files on each system without having to have a internet Connection.

[ad]We don’t know what they will be until they have dropped from Microsoft, but we can guess that the Latest Directx vulnerability isn’t going to be one of them.  I wouldn’t be surprised if this was going to be pushed out of cycle but that is going to have to wait a see.

The Affected systems are Windows 2000 Through Windows Vista and Server 2008.   Which means if you have windows it most likely will need to be updated.   Although on a side not the Office suite from 2000 to 2008 also will be patched and that includes the Macintosh systems.

It also looks like 7 out of the 10 will require restarts, so the autopatcher will save you time.  I wouldn’t expect this to notbe exploited on Wensday because most of them are Remote Code Execution which means it is easy for a hacker to take control of your system.   These should be installed ASAP and you also should have a [intlink id=”2205″ type=”page”]Firewall and Antivirus installed[/intlink] to better protect your system.

Microsoft to Release One Crictical update for Tuesday

Paul

Microsoft has release the information for May’s Patch Tuesday and it looks like there is one major update for Power point:

ms09patchtuesday1

The Affected software is MS Office 2000, MS office Xp, MS Office 2003, Ms Office 2007, Power point viewer, and MS compatibility pack for Word, Excel, and Power point 2007.

[ad]What will be coming out for Tuesday is as Followers for Non-security Releated:

  • Windows PowerShell 1.0 for Windows Vista (KB928439)

  • Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847)

  • Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

  • Windows Malicious Software Removal Tool – May 2009 (KB890830)/Windows Malicious Software Removal Tool – May 2009 (KB890830) – Internet Explorer Version

  • Update for Windows Mail Junk E-mail Filter [May 2009] (KB905866)

Although some of this is usual like the Malicious software removal tool, and Windows Junke e-mail filter, we won’t know what else will be released until Tuesday.  Some of the updates will be minor like the Powershell, I am guessing tis will help get ready for SP2, and the SP1 for the .NET framwork also looks to be getting ready for SP2.  So I will keep you updated if i find out what else is released on Tuesday!

Internet Explorer still has a Vulnerability after Tuesday Patch!!

Paul

I just read this on several blogs and thought I’d share the details with you, it seems that Microsoft didn’t know there was a problem with this Bug/Vulnerability.   Computer world has a great article and  says this:

[ad#ad2-right]“The updates Microsoft released yesterday do not address this possible vulnerability,” a Microsoft spokesman said today in an e-mail reply to questions, “but I can tell you that Microsoft is investigating these new public claims of a possible vulnerability in Internet Explorer.”


[Via ComputerWorld]

I can only hope that Microsoft fixes this Vulnerability soon, I would take a guess that they will try to get this out on the patch cycle if not they will push it out after.   Some things to remember with IE(Internet Explorer) is only use it with Microsoft Updates.   I also Suggest downloading FireFox and checking out my Anti-virus and Anti-Spyrware Page for ways to prevent from getting a virus.

Upcoming Patch Tuesday

Paul1 Reply

[ad#ad2-right]I wanted to get prepared for the updates for this Tuesday and I thought I’d go through them and list what Microsoft said about each.   These are what’s been said on Technet and I am sure there will be more.   Each one of these don’t look to serious but I will post Tuesday if there is anything I’ve missed on this post.   As you might know this is not set in stone but just the direction of Microsoft for this Months Release.

KB955839

Update for Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP

Install this update to resolve an issue that is caused by revised daylight saving time laws in many countries. This update enables your computer to automatically adjust the computer clock on the correct date in 2008. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Server 2008 License Terms.

[ad#ad2-left]KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

KB890830

Windows Malicious Software Removal Tool

Microsoft released the Microsoft Windows Malicious Software Removal Tool to help remove specific prevalent malicious software from computers that are running Windows Vista, Windows Server 2003, Windows XP, or Windows 2000. After you download the Microsoft Malicious Software Removal Tool, it runs one time to check your computer for inflection by specific prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection it finds. Microsoft releases a new version of the tool every month.

[ad#ad2-right]KB905866

Update for Windows Mail Junk E-mail Filter [November 2008] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.

I am sure there are going to be others but right now this looks like the normal things Microsoft sends out.  I am sure they are keeping a tight lid on the really serious stuff until last second so I’ll have to report the really important stuff Tuesday.