HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 5 MINUTES AGO.
You are here: Home / Network Security / Admins Get a Patch Tuesday Gift
Light Patch Tuesday May Lead To Out-of-Band Patch
Light Patch Tuesday May Lead To Out-of-Band Patch
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
NOVEMBER
09
2011

Microsoft on Tuesday issued four security bulletins to address four vulnerabilities. Microsoft only rated one critical, an early holiday present from Redmond. But security industry researchers warned IT admins not to get complacent.

Although November's patch update is small, it's possible Microsoft will release an out-of-band patch for the zero-day vulnerability the Duqu installer exploits, said Joshua Talbot, security intelligence manager at Symantec Security Response.

"Microsoft recently published a security advisory as well as a temporary fix and is currently investigating the vulnerability," Talbot said. "In addition to implementing the temporary fix, IT departments and end users should also remain vigilant in following standard security best practices."

Difficult to Exploit

Andrew Storms, director of Security Operations for nCircle, said MS11-084 is the most interesting bulletin this month. This kernel bug deals with how font files are parsed. Microsoft rated the flaw moderate.

"The interesting thing about this bulletin is that it appears to have a lot in common with the Duqu advisory Microsoft released last week," Storms said. "I wonder if we are seeing the beginning of a new malware trend focused on exploiting kernel and font-parsing bugs."

As Storms sees it, the only critical bulletin this month doesn't look very threatening, at least on the surface. The Microsoft Security Research and Defense team blogged about the attack scenario for this bug and described it as "difficult to exploit in a real world scenario," probably because default firewall configuration settings successfully block the attack, he said.

"Enterprise security teams should patch this critical bug fairly quickly anyway because if attackers find a way to leverage it they can gain remote code execution privileges," Storms said.

The Browser Path

Paul Henry, security and forensic analyst at Lumension, pointed to a trend he sees in the security landscape. Overall, he said, it seems the primary threat vector these days is browser and third-party add-ons.

"A recent report noted that malicious domains have increased by 89 percent year-over-year," Henry said. "Simply put, hackers recognize that users simply do not patch their third-party add-ons and, as always, they capitalize on that weakness to compromise our environments."

Henry noted that social media continues to be a risk to the enterprise. After insisting there was no concern, for example, Facebook reportedly corrected an issue that allowed a user to send another user an executable attachment using message capability. Henry said this created an easy platform for launching spear-phishing attacks.

"In addition, an issue in WordPress may have compromised up to 1 million blogs, a problem in the popular tool TimThumb, that when used in WordPress blogs to access photo sites can cause users to be redirected to malicious Web sites," Henry said.

"And let's not forget the cloud. Security issues continue to cause problems this Patch Tuesday period. Thankfully, Amazon is on top of it and corrected an issue that could allow hackers to hijack Amazon customer accounts."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
ISACA® offers a global community of more than 115,000 IS/IT constituents in over 180 countries. We develop and deliver industry-leading certifications, education, research and business frameworks. We equip individuals to be leaders in the fast-changing world of information systems and IT - Learn More>
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.