Microsoft Issues Three Patches For Eight Vulnerabilities - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Operating Systems
News
3/10/2009
04:19 PM
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Microsoft Issues Three Patches For Eight Vulnerabilities

A "critical" update resolves a vulnerability in the Windows kernel that could allow remote code execution if a user views a maliciously crafted EMF or WMF image file.

Microsoft on Tuesday released three Security Bulletins addressing eight separate vulnerabilities.

One bulletin is rated "critical" and two are rated "important."

MS09-006 ("critical") resolves a vulnerability in the Windows kernel. The flaw could allow remote code execution if a user views a maliciously crafted EMF or WMF image file.

MS09-007 ("important") addresses a vulnerability in the Secure Channel (SChannel) security package in Windows. If exploited, it could allow spoofing, provided the attacker gains access to an end-user authentication certificate.

MS09-008 ("important") fixes vulnerabilities in the Windows DNS server and Windows WINS server. If exploited, these vulnerabilities could allow network traffic hijacking.

As expected, Microsoft did not patch the Excel vulnerability disclosed last month.

John Moyer, CEO of BeyondTrust, said in an e-mail that organizations should be particularly vigilant about malware attempting to exploit the Excel vulnerability given that Excel is used more frequently during tax season.

Alfred Huger, VP of development at Symantec Security Response, warned in an e-mail that the Windows kernel vulnerability could allow an attacker to take over a victim's computer using an HTML e-mail or an e-mail attachment containing a .WMF or .EMF image file. He added that being on the lookout for these lesser-known file types may not help since it's possible to disguise .WMF and .EMF files as more common image formats like .JPG.

Eric Schultze, CTO of Shavlik Technologies, said in an e-mail that MS09-006 follows a long line of image vulnerabilities. "The flaw actually resides in the Windows kernel -- but is only exploited when managing the malformed pictures," he said. "All that the attacker needs to do is encourage a victim to view a specially formatted image and the attacker can run code on the victim's system. The evil code will execute with system privileges -- even if the user wasn't logged on as an administrator."

"MS09-006 is going to be a huge undertaking," said Paul Henry, security forensic analyst at Lumension, in an e-mail. "The broad platform impact of the bulletin suggests that core services of the Windows operating system are to be modified, rather than isolated application components. When working on the core infrastructure, it opens up other applications to potential risk, making a simple patch deployment impossible. To make sure this is secure, IT departments will have to reboot all Windows machines in the entire enterprise."


Is your vulnerability management program ready for 2009? You can't protect everything, so the key is to focus to reduce exposure. Download the report here.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
How GIS Data Can Help Fix Vaccine Distribution
Jessica Davis, Senior Editor, Enterprise Apps,  2/17/2021
Commentary
Graph-Based AI Enters the Enterprise Mainstream
James Kobielus, Tech Analyst, Consultant and Author,  2/16/2021
Slideshows
11 Ways DevOps Is Evolving
Lisa Morgan, Freelance Writer,  2/18/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Slideshows
Flash Poll