Tuesday, November 9, 2010

Microsoft Patch Tuesday - November 2010

November is a fairly light month for Microsoft patches, with 3 security bulletins addressing a total of 11 vulnerabilities. A critical vulnerability affects Microsoft Office when Word handles RTF (Rich Text Format) files. Outlook is also affected, because its preview pane automatically displays the contents of file attachments. The other bulletins cover issues in PowerPoint and Forefront Unified Access Gateway (UAG).

However, the 0day vulnerability in IE6 and IE7 is not addressed. This vulnerability involves the browser's token parsing of user-defined CSS (Cascading Style Sheets). It is recommended to upgrade to IE8, where DEP (Data Execution Prevention) is on by default. The vulnerability exists in IE8 as well, but DEP prevents it from actually being exploited. Users should also be able to turn on DEP manually in IE6 and IE7, and other workarounds are available from Microsoft here: http://support.microsoft.com/kb/2458511

Microsoft’s official summary of November releases:

Breakdown of this month’s Microsoft Patches:

1. MS10-087 – Microsoft Office | Remote Code Execution - KB 2423930 | Critical
(Replaces MS10-003, MS10-036)

A total of 5 vulnerabilities exist in both the Windows and Mac OS X versions of Microsoft Office. These include a buffer overflow in the processing of RTF documents.

2. MS10-088 – Microsoft PowerPoint | Remote Code Execution - KB 2293386 | Important
(Replaces MS10-004, MS10-036, MS09-017)

2 vulnerabilities exist in Microsoft PowerPoint in Office XP, Office 2003, and Office 2004 for Mac. A user's system is compromised when they open a malicious PowerPoint file.

3. MS10-089 – Forefront Unified Access Gateway (UAG) | Privilege Escalation - KB 2316074 | Important

4 vulnerabilities in Forefront Unified Access Gateway (UAG) are addressed, including a URL redirection flaw that allows attackers to redirect users to malicious websites.
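A quick way to check a Windows host against this month's bulletins and the DEP recommendation above, as an added example that is not part of the original post: the KB numbers are the ones listed here, the update-history lookup assumes the updates were installed through Windows/Microsoft Update, and MS10-089 only applies to hosts running UAG.

```powershell
# Added example, not from the original post. Checks whether the three
# bulletins are in the Windows Update history and reports the system-wide
# DEP policy plus the installed Internet Explorer version.
$bulletins = @{
    'MS10-087' = 'KB2423930'   # Office (RTF handling) - Critical
    'MS10-088' = 'KB2293386'   # PowerPoint - Important
    'MS10-089' = 'KB2316074'   # Forefront UAG - Important (UAG servers only)
}

# Win32_QuickFixEngineering/Get-HotFix only lists OS updates, so Office updates
# would appear missing there; the Windows Update Agent history covers both.
$searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
$count    = $searcher.GetTotalHistoryCount()
$history  = if ($count -gt 0) { $searcher.QueryHistory(0, $count) } else { @() }

# Only count entries whose ResultCode is 2 (succeeded); titles carry the KB id.
$installedKbs = $history |
    Where-Object { $_.ResultCode -eq 2 -and $_.Title -match 'KB\d+' } |
    ForEach-Object { $Matches[0] }

foreach ($bulletin in ($bulletins.Keys | Sort-Object)) {
    $kb    = $bulletins[$bulletin]
    $state = if ($installedKbs -contains $kb) { 'installed' } else { 'not found in update history' }
    '{0} ({1}): {2}' -f $bulletin, $kb, $state
}

# DataExecutionPrevention_SupportPolicy: 0=AlwaysOff, 1=AlwaysOn, 2=OptIn, 3=OptOut.
# Under OptIn (the client default) only processes that opt in get DEP; IE8 opts in,
# IE6/IE7 do not, which is why the post recommends upgrading or enabling DEP manually.
$policyNames = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }
$policy      = [int](Get-WmiObject Win32_OperatingSystem).DataExecutionPrevention_SupportPolicy
'DEP policy: {0} ({1})' -f $policy, $policyNames[$policy]

# Installed IE version from the registry (IE8 reports 8.0.x).
$ieVersion = [version](Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Internet Explorer').Version
"Internet Explorer version: $ieVersion"
if ($ieVersion -lt [version]'8.0' -and $policy -ne 1 -and $policy -ne 3) {
    'IE6/IE7 without AlwaysOn or OptOut DEP: the unpatched CSS issue is exploitable here'
}
```

Run it in an elevated PowerShell session; the Windows Update history only reflects updates applied through the Windows Update Agent, so updates deployed by other means need to be verified against the product's file versions instead.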
