Eric Schultze

Inside Microsoft Patch Tuesday: Revenge of the ActiveX Controls

By Eric Schultze
Microsoft has released nine bulletins today, five of them Critical, four of them Important. The bulletins cover a gamut of affected products – almost everything in your enterprise will need to be patched today with the exception of Internet Explorer. No IE patches this month! The majority of bulletin releases these days relate to client-side vulnerabilities – visit an evil website, open an evil document, or read an evil email and you’ll get hacked. These vulns are of greatest concern on the desktop where end users are filling time between Mafia Wars power-ups and Facebook updates by visiting websites that may be hosting content of questionable repute. This month, there are five bulletins addressing these types of issues.

Inside Microsoft’s July Security Patch Batch

By Eric Schultze
Microsoft released six security bulletins  today — three rated Critical and three rated Important.  Two of the issues are being actively exploited on the Internet and four of the issues are client-side vulnerabilities, which means the exploit can only occur if a user visits an evil website or opens a malformed document.

Today’s release is important because patches were released for two recent 0-day attacks – a QuickTime file parsing vulnerability and the recently announced Directshow vulnerability.  Both vulnerabilities are reported as being actively exploited on the Internet.

Patch Counting: Horseshoes and Hand Grenades

By Eric Schultze
Like the old saying goes, “Close only counts in horseshoes and hand grenades.”  I’ve developed a corollary this week, “The ‘number of flaws’ only matters to vulnerability assessment scanners and journalists.”
I’ve read many news stories this week talking about the record number of flaws/vulnerabilities that Microsoft fixed in the June ’09 Patch Tuesday release. For the record, I’m saying that none of this is relevant.

Inside the PowerPoint mega-patch

by Eric Schultze

By Eric Schultze

Microsoft patched all Windows versions of PowerPoint today — addressing both a zero-day flaw [microsoft.com] and 13 other privately reported security vulnerabilities.   The zero-day vulnerability enabled attackers to take over client machines if a user opened a malformed powerpoint document or visited an evil website.  The attacker would be able to execute code on the user’s machine with the same level of permissions afforded to the logged on user.  (If the user was logged on as an administrator, the evil code could execute as admin.  If the user was logged on as a user-level account, then the evil code could only execute with user permissions and not admin permissions).

Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.