Silicon Shecky

Infosec Practitioner

Connect

Patch Tuesday is here

By Leave a Comment

With all the hacks going on out on the net today, patching your machines is more critical than ever.

Microsoft is releasing 16 Patches, 9 of which Microsoft deems critical. Patches include Windows, Office, and .Net, and all attempt to address RCE attacks.

Oracle has also released a major patch for Java in the past few days which addresses a number of security vulnerabilities. Adobe has patches out recently for Flash, Apple is playing whack-a-mole with malware, and basically there is a lot of patching to do.

Don’t forget though, with all these patches, to test them before deploying them. It doesn’t happen very often, but some patches can break your software.

Black (Patch) Tuesday…

By Leave a Comment

Ahh yes, the second Tuesday of the month and Microsoft releases patches. This month is a big month for it again with 10 patches, 6 of them marked as critical. So what do we have patched this time?

1) Active Directory. It seems that there are holes in Active Directory’s security that can allow remote code execution. Definitely do some testing on this patch, but try to roll it out as quickly as possible. This does affect 2000, 2003, and XP

2) Print Spooler. A patch that closes up 3 vulnerabilities that could allow remote code execution. Another one that should be rolled out as quickly as possible. I have not heard of code in the wild on this, but you know how quickly people will jump on such a critical system hole.

3) Internet Explorer. Big surprise here as IE seems to get a patch at least every other month. Considering that Microsoft was able to compromise Firefox’s security with a .Net add on for it, the holes in IE need to get patched up as quickly as possible.

4) Word, Excell, Works. I hope you aren’t using Works, but with Word and Excel, test these and then deploy, even though they are marked as critical.

Those are the Critical’s as decided by Microsoft. Interestingly the Direct X vulnerability, which does have code exploiting it in the wild, has no patch whatsoever, and no sign that Microsoft is going to patch that hole anytime soon. Again a concern where Microsoft is concerned, but not surprising considering the amount of resources working on Windows 7, and the amount of reported vulnerabilities Microsoft must receive every month. More information on the Microsoft patches can be found here.

Also, Adobe released a patch to address a number of vulnerabilities that have been found in its Acrobat Reader. Information on that can be found here.

Yep, a busy Patch Tuesday, so go get them, test em, and deploy em. And if you find a problem with any of the patches, or caused by them, let me know.

March Patch Tuesday

By Leave a Comment

So here it is, the second Tuesday of March and we all know what that means. Yep Microsoft Patch Tuesday! So lets ee what good old Microsoft has patched up for us this month.

The only Critical is a Windows Kernel update, which is patching a hole that, “could allow an attacker to take complete control of your computer if you view a website, email, or document that contains an evil graphic or picture,” according to Eric Schultze of Shavlik Technologies.

Now we all know that a hole in the kernel is bad, and the way this is made to sound this hole can be even worse than other kernel hole, but still I would recommend installing the patch in a test environment first if possible, or at least on a non-mission critical machine. Something about making changes to the Kernel always make me a little leary.

Then there is a series of 4 patches for DNS. Not surprisingly these are for lesser used holes along the Kaminsky DNS attack lines. Definitely get these installed especially with some of the odd ways some viruses seem to be showing up from spoofed DNS.

Finally a patch related to SSL spoofing. Again important, but like the DNS patches, not listed as critical.

Personally, all the patches seem to adress some very serious issues. How SSL and DNS spoofing are not thought of as critical for patching is beyond my comprehension though. At least Microsoft did patch them. Now where is the Excel patch for a major hole in that program?

Mike