Security Patches | Silicon Shecky

Black (Patch) Tuesday…

June 10, 2009 By Michael Kavka Leave a Comment

Ahh yes, the second Tuesday of the month and Microsoft releases patches. This month is a big month for it again with 10 patches, 6 of them marked as critical. So what do we have patched this time?

1) Active Directory. It seems that there are holes in Active Directory’s security that can allow remote code execution. Definitely do some testing on this patch, but try to roll it out as quickly as possible. This does affect 2000, 2003, and XP

2) Print Spooler. A patch that closes up 3 vulnerabilities that could allow remote code execution. Another one that should be rolled out as quickly as possible. I have not heard of code in the wild on this, but you know how quickly people will jump on such a critical system hole.

3) Internet Explorer. Big surprise here as IE seems to get a patch at least every other month. Considering that Microsoft was able to compromise Firefox’s security with a .Net add on for it, the holes in IE need to get patched up as quickly as possible.

4) Word, Excell, Works. I hope you aren’t using Works, but with Word and Excel, test these and then deploy, even though they are marked as critical.

Those are the Critical’s as decided by Microsoft. Interestingly the Direct X vulnerability, which does have code exploiting it in the wild, has no patch whatsoever, and no sign that Microsoft is going to patch that hole anytime soon. Again a concern where Microsoft is concerned, but not surprising considering the amount of resources working on Windows 7, and the amount of reported vulnerabilities Microsoft must receive every month. More information on the Microsoft patches can be found here.

Also, Adobe released a patch to address a number of vulnerabilities that have been found in its Acrobat Reader. Information on that can be found here.

Yep, a busy Patch Tuesday, so go get them, test em, and deploy em. And if you find a problem with any of the patches, or caused by them, let me know.

2008 and Vista SP2 now available

May 27, 2009 By Michael Kavka Leave a Comment

So, after a long refreshing weekend, I”m back, and over the course of that weekend something interesting happened.

Service Pack 2 for Server 2008 and Vista was officially released. Now you might say, “Its only a service pack, what is the big deal?” The truth is, especially in this day and age, any Service Pack is a big deal. Not only does it roll up security updates that had been previously released, but it usually also has bug fixes, some new features, and a few other goodies inside it, plus it lays the groundwork for what is to come.

Especially with Vista, the Service Pack is a major thing. I have not read the release notes on it yet, but have heard that it does address a bunch of issues with Vista. I seriously recommend downloading it and testing it on non-production machines first though.

Google Poisoning gives Malicious Search Results

May 19, 2009 By Michael Kavka Leave a Comment

Google, we have a problem. It seems you can’t go to a single tech site right now without hearing about the “Google Poisoning Attack” and how it works. For an attack that has been around since March, its amazing that it is now starting to pick up mainstream attention.

To put it in simple terms, legitimate websites are unknowingly causing the problem due to flaws in Adobe software. Adobe, yep, Flash, Acrobat, other items, doesn’t matter. It seems that there is some flaw involved with it all. I do know that there have been a few Zero-Day Adobe exploits that have recently been patched by Adobe, heck my own machine got updated today. Will it help me out, I don’t know.

The scary thing about it all is that although this poisoning has been around since march, the amount of affected sites has almost quadrupled in one weeks time from about 800 to about 3000 according to ScanSafe. CERT has raised a red flag because of this huge increase, and it does not look like it is slowing down.

The real question about all of this is again, patching. When was a fix for the vulnerability released, and how long does it take companies to patch?

I’d post more information about what happens to your machine such as FTP usage, stolen passwords, etc, but honestly, so much is out there on it that you just need to go to any site such as eWeek’s site to get more info on the attack itself. Just be careful and make sure your machines are as updated as they can be.