Average Rating: Rate this article:

Microsoft Battles Worms with Critical Windows Patch By Jennifer LeClaire August 15, 2012 10:35AM     Small businesses and campus locations where Windows computers are configured in workgroups are particularly vulnerable to some of the security holes addressed by Microsoft. Those with Windows XP on their network should also install the patches ASAP to avoid serious harm, since the malware is network aware with no authentication required.   Related Topics Microsoft Patch Windows Network Security Latest News CRM Booming, BPM Critical Too Is Cumulus OS Really a Cisco-Killer? Dish Network Drops Pursuit of Sprint Snowden To Dish More Info on NSA Spammers Target Victims by Phone IT admins take note: Microsoft has issued nine security bulletins as part of August's Patch Tuesday. Five are rated critical and four rated important. Altogether, the bulletins address 26 vulnerabilities in Microsoft Windows, Internet Explorer, Exchange Server, SQL Server, Server Software, Developer Tools, and Office. Andrew Storms, director of security operations at nCircle, told us another MSCOMCTL-related bug is at the top of the Microsoft list. Microsoft previously patched the Windows Common Control bug with bulletin MS12-027 in April. That, Storms said, made everyone sit up and take notice because it affects a huge number of applications including some very serious back office core systems, like SQL servers and commerce servers. "There is some good news this month -- that the attack vector associated with the MSCOMCTL patch is an RTF file -- and the victim has to explicitly open the file to allow the exploit," Storms said. "If you can't get this patch rolled out or mitigation applied quickly, you should remind users about the dangers of opening attachments from unknown persons." Backlog of IE Patches Noteworthy is the fact that August marks the third month in a row with a new Internet Explorer patch. That demonstrates how Microsoft is leveraging its recently announced initiative to release IE patches more frequently. Storms said this probably means there are a lot more IE patches in the future since it's a good bet Microsoft will be tackling their IE backlog post haste. "As expected, MS is patching the zero-day bug called 'Oracle Outside in Exchange' bug. This vulnerability really never went anywhere in the exploit community. We have so far seen very little uptake on actively exploiting the bug," Storms explained. Meanwhile, MS12-054 contains a sprint spooler bug with a potentially wormable condition. Storms said keen-eyed attackers are going need to focus carefully on the vulnerability to uncover all of its potential. "This is something that predominately affects small business and campus locations where Windows computers are configured in workgroups," Storms said. "If this describes your business, deploy this patch as soon as you can." Potentially Wormable MS12-053, an RDP bug only affecting XP, another bug with a potentially wormable condition, ranks lower in the MS deployment priority. Storms warned that this one has the potential for serious impact because it is network aware and no authentication is required. If you have XP on your network, he suggested getting the mitigations for this one installed ASAP. Tyler Reguly, director of IT security research and development at nCircle, noted that August's Patch Tuesday saw more of the usual patches for Office, Win32K.sys and Internet Explorer. He told us most enterprise teams should be pros by now when it comes to testing and deploying these patches. "Microsoft listed MS12-060 as the most critical issue this month. They mention it is seeing limited targeted attacks and it patches different components of a control patched only a few months ago," Reguly said. "Given the attack vectors, I'd say that Microsoft has definitely ordered things properly this month."   Tell Us What You Think Comment: Name: Also Visit: iPad Info Center Billions of Bytes Mobile Device Now Apple Info Center TopTechWire.com Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.  Data Security 1.   Spammers Target Victims by Phone 2.   Yahoo, Apple Disclose Data Requests 3.   Prism's Secret: Bigger Data Seizure 4.   MS, Facebook Tell of Security Requests 5.   Study: Gap in Cloud Perception, Reality Bank Phishing Attacks Raise Fears Business, personal accounts at risk. Average Rating: MS, Facebook Tell of Security Requests Thousands of records were sought. Average Rating: Spammers Target Victims by Phone Connected devices a perfect platform. Average Rating:

Product Information and Resources for Technology You Can Use To Boost Your Business BYOD & MDM   Forrester Research Inc., Report: BYOD from AT&T. Make everyone more efficient. CRM Systems   How Microsoft Dynamics helped mobilize retail businesses   2 million CRM success stories and counting...   Experience CRM and Business Success today with Salesforce.com. Contact Centers   Unlock the potential in your people with Microsoft Dynamics   Improve your customer relationships with Microsoft Dynamics Customer Data   See how you can benefit from Microsoft Dynamics Customer Service   Improve your customer relationships with Microsoft Dynamics   2 million CRM success stories and counting...   Unlock the potential in your people with Microsoft Dynamics   Make customer support easy with Desk.com customer support solution   Improve your customer relationships with Microsoft Dynamics Data Centers   Your Next Generation Data Center Is Here! Vblock™ Systems from VCE Data Security   Simpana® 10 software: an exponential leap forward E-Commerce   Make customer support easy with Desk.com customer support solution Enterprise Hardware   The 2013 Toughpad™ tablets. Rugged, secure and built for business.   The best document scanner for you? Try KODAK's scanner selector   APC makes it easy for you to focus on business growth, not downtime. Enterprise I.T.   Brocade's mission: Making networks easier to deploy, manage, and scale.   11 Challenges Solved by Infrastructure for Small IT Environments Enterprise Software   Get critical data off paper and into SharePoint! Watch the video.   Simpana® 10 software: an exponential leap forward Hardware   The 2013 Toughpad™ tablets. Rugged, secure and built for business.   Rugged and reliable Panasonic Toughbook® mobile computers   The best document scanner for you? Try KODAK's scanner selector Innovation   The best document scanner for you? Try KODAK's scanner selector   Brocade's mission: Making networks easier to deploy, manage, and scale.   The best document scanner for you? Try KODAK's scanner selector Laptops & Tablets   Panasonic Toughbook® mobile computers are built to keep you running. Mobile Tech   Panasonic Toughbook® mobile computers are built to keep you running.   Rugged and reliable Panasonic Toughbook® mobile computers Small Business   The best document scanner for you? Try KODAK's scanner selector Tech Trends   APC makes it easy for you to focus on business growth, not downtime.

Enterprise Hardware Spotlight

Samsung Offers Tiny, Superfast PCIe SSDs for Ultrabooks Solid-state drives are continuing their march forward. On Monday, Samsung Electronics announced it has started to mass produce the first PCI-Express 3.0 SSDs for the new wave of Ultrabooks.   Amazon.com Joins 3D Printer Craze, Enabling Wide Availability Commercially available 3D printers have recently moved from being expensive hobbyist devices to being pricey but accessible consumer and manufacturing machines. And now, Amazon.com will sell 3D printers & supplies online.   New Facebook Data Center Uses All Home-Grown Servers Facebook has opened its new data center in Lulea, Sweden. The data center is a first in two ways: the first in Europe and the first to be equipped with all Facebook-designed, Open Compute servers.

Enterprise Technology Spotlight

Texting Spammers Correlate Phone Users to Local Banks If you use an Internet-connected smartphone, touch tablet, e-reader, notebook, laptop or desktop computer you care about cybersecurity and online privacy. One topic: SMS text-messaging spam.   New Facebook Data Center Uses All Home-Grown Servers Facebook has opened its new data center in Lulea, Sweden. The data center is a first in two ways: the first in Europe and the first to be equipped with all Facebook-designed, Open Compute servers.   Cisco Telecom Router Ready for Internet Traffic Flood The Carrier Routing System-X unveiled by Cisco for the telecommunications industry is a 400 Gbps per slot system that can be expanded to nearly 1 petabit per second, enough to deal with the coming flood in demand.

Navigation NewsFactor Network Home/Top News | Enterprise I.T. | Cloud & Virtualization | Applications | Unified Communications | Mobile Tech | Hardware | Business Intelligence World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech Press Releases NewsFactor Network Enterprise I.T. Sites NewsFactor Technology News | Enterprise Security Today | CRM Daily NewsFactor Business and Innovation Sites Sci-Tech Today | NewsFactor Business Report NewsFactor Services FreeNewsFeed | Free Newsletters | About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise Privacy Policy | Terms of Service © Copyright 2000-2013 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.