TWENTY-THREE critical bugs patched this month. Wow.
- TAGS:Microsoft, MSFT, patch Tuesday, Windows Update, WSUS
- IT TOPICS:Desktop Apps, Internet, Security, Windows
In Wednesday's ITÂ Blogwatch, Richi Jennings watches bloggers watch this month's Patch Tuesday -- a huge, steaming pile of security fixes. Not to mention the insane price of Nikon's new D3x...
Gregg Keizer gets downloading:
Microsoft Corp. today patched 28 vulnerabilities, nearly all of them marked "critical," in the biggest batch of fixes it has issued since it switched to a regular monthly update schedule more than five years ago.
Of the 28 bugs quashed today, Microsoft ranked 23 of them critical, the top rating in its four-step scoring system. Of the five others, three were judged to be "important," the next step down, and two were pegged as "moderate." The patches were issued in eight updates for Windows, Internet Explorer, Office, SharePoint, Windows Media, and the company's most popular development tools, Visual Basic and Visual Studio.
...
This month's eight security updates can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.
Doug Barney wakes up with a start:
Last month, you could've slept through Patch Tuesday, there was so little action. But now that you're all rested, you can handle tomorrow's Patch Tuesday with its eight remedies, six of them critical.Once again, remote code execution (RCE) is the theme of the day, as all patches address this stubborn bugaboo. If you have Windows XP, Vista, Windows 2000 or Windows Server 2003 or 2008, get your spackle ready -- cuz it's time to patch!
Moti Joseph joins Jay Liew, describing why we should care:
MS08-073 is a critical cumulative security update for Internet Explorer ... If you use Internet Explorer, this means that there are now 4 additional ways for your desktop to get infected with malicious code if you happen to simply visit a malicious Web site. This is also known as a "drive-by" because it happens silently, without requiring any explicit user action beyond visiting the site.
...
MS08-071 is a fix for two vulnerabilities ... in Microsoft's graphics API ... Because Web sites include image files, these vulnerabilities mean that all you have to do to infect your machine is load a malicious site in your browser. Long-time readers may recall that Websense Security Labs researchers were the first to discover malicious .WMF images spreading on the Web (see the alert here) back in 2005.
...
MS08-075 is another critical patch, this time for Windows Search. This resolves two vulnerabilities ... that could allow an attacker to completely take over your desktop by means of a specially-crafted search URL ... If you hover your mouse over a hyperlink on a Web site and see a URL that starts with search-ms:// (instead of http://), something might be amiss.
Microsoft's Christopher Budd drops in to say "Hi":
Hi ... In addition, today we’ve published Microsoft Security Advisory 960906 regarding new reports of a vulnerability in the Wordpad Converter for Word 97 files affecting Windows 2000 SP4, Windows XP SP2 and Windows Server 2003 SP1 and SP2. We are aware of very limited and targeted attacks seeking to exploit this vulnerability. The advisory details workarounds that you can evaluate while we develop a security update for this issue.
...
This month the Windows Malicious Software Removal Tool is adding detection for two new families: Win32/FakeXPA and Win32/Yektel. Our colleagues over at the Microsoft Malware Protection Center (MMPC) have posted information on these new families on their blog.
And Microsoft's Mark Wodrich adds:
Today we released MS08-076, which addresses two flaws in the Windows Media components: Windows Media Player, Windows Media Format Runtime, and Windows Media Services. Viewed separately, the issues are not that severe and the aggregate severity rating is Important at most. However, if the two issues are combined the impact can be quite severe, with the potential for Remote Code Execution. Read on to understand how these issues can be combined by an attacker and how they are related to the SMB Reflection bulletin we released last month.
Justin James jokes:
This month’s relatively light round of Microsoft Windows patches must be my early holiday present from Steve Ballmer and company! All joking aside ... most of them should be applied immediately.Because many of the security vulnerabilities this month were privately disclosed, there are no problems in the wild, but expect there to be some within a day or two. Happy holidays to all, and see you on the second Tuesday of 2009!
[There's more on this story: Zero-day IE exploit targeting "missing" patch]
And finally...
- Yet another example of the "Downfall" Hitler rant meme; this time he's having a go at Nikon
Buffer overflow:
Other Computerworld bloggers:
- Seth Weintraub: Walmart represents 'mainstreamification' of iPhone
- Robert L. Mitchell: Citrix offers PC vouchers, envisions iPhone desktop
- Mike Elgan: Clueless book publishers miss huge opportunity
- Dan Tynan: Cartoon justice: Man convicted for Simpsons porn
- Mike Elgan: Company claims new cell phone chip neutralizes radiation
- SJVN: XP lives... for a price
- Tony Asaro: Drobo - Virtualized Disk Drives
- Preston Gralla: Mumbai terrorists' most powerful weapon: VoIP phones
- Shark Tank: And I think we know the answer
- Shark Bait: I want it for free, and right now!
Like this stuff? Subscribe to the RSS feed.
Richi Jennings is an independent analyst/adviser/consultant, specializing in blogging, email, and spam. A 23 year, cross-functional IT veteran, he is also an analyst at Ferris Research. You can follow him on Twitter, pretend to be Richi's friend on Facebook, or just use boring old email: blogwatch@richi.co.uk.
Previously in IT Blogwatch:
Free Insider Guide