Microsoft will release nine patches next week, two of which will be rated as critical.
These Updates will be for SQL Server, SharePoint, OneNote, .NET, Microsoft Windows and Internet Explorer. The two critical bulletins and one of the others, rated as important, allow for Remote Code Execution (RCE).
Wolfgang Kandek, CTO of Qualys, said: “The most critical patch is bulletin #1 which affects all versions of Internet Explorer (IE), all the way from IE 6 to the newest IE 11 on Windows 8.1 and RT.
“Since browsers are the attackers favorite targets, this patch should be top of your list. An attacker would exploit this vulnerability on your users through a malicious webpage. These pages can be on sites that are either set up specifically for this purpose, requiring him or her to attract your users to the site or are on sites that are already under control of the attacker with an established user community, such as blogs and forums.
“Bulletin #2 is a critical update for Windows and affects Windows 7 and Windows 8, plus the Media Center TV pack for Vista. I believe it must be to address bugs in the graphics processing pipeline, most likely in an online video component.
“An attacker would have to trick you into opening a file. Microsoft’s rating of “critical” indicates that your users can trigger this bug by simply surfing to a malicious webpage, so no special interaction is required.”
Russ Ernst, director of product management at Lumension, said: “First on our radar this month is an update for IE. In a blog post published by Microsoft yesterday, they outline how the patch will push out a new feature that blocks ActiveX controls, including old versions of Java. This is a great security win for the enterprise and IT should consider the creation of a policy that blocks old versions of one of the bad guys’ favorite attack vectors. That is, of course, as long as your line of business apps are not tied to older versions.
The second critical bulletin is for a possible remote code execution in Windows 7, 8, 8.1 and Media Center in Vista. This is a remote code execution vulnerability, so it is critical for administrators to get this update out to their desktops. Two of the 7 important class bulletins cover servers. Bulletin 4 is for SQL Server and bulletin 7 is for Sharepoint server. If either of those are in your network, you will want to pay close attention next week. The remaining bulletins are for Windows, Offic
e and the .Net framework. We will wait to see next week what those look like.
“With Black Hat and DEF CON happening this week, it will be interesting to see if Patch Tuesday contains any quick response to new threats identified there. As we are all painfully aware, the bad guys move fast so we need to move faster.”