Archive for OS Security
Author: Dave Lewis
September 7, 2007 at 10:01 am · Filed under OS Security
The September advance bulletin for Microsoft’s Patch Tuesday is out. It falls on September 11th this year.
Quick highlights:
- 1 Critical (remote code execution)
- 4 Important (2 remote code execution, 2 elevation of privilege)
Affected Software:
- Windows (critical)
- Visual Studio (important)
- Windows Services for UNIX (important)
- MSN Messenger (important)
- Windows, SharePoint Server (important)
Tags: Patch Tuesday, September 11, Microsoft September Patch Release
Author: Dave Lewis
August 14, 2007 at 4:17 pm · Filed under OS Security
Well, the Microsoft patches for August are out and there are 6 critical and 3 important.
Critical:
- MS07-042: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)
- MS07-043: Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)
- MS07-044: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)
- MS07-045: Cumulative Security Update for Internet Explorer (937143)
- MS07-046: Vulnerability in GDI Could Allow Remote Code Execution (938829)
- MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)
Important:
- MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution (936782)
- MS07-048: Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)
- MS07-049: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)
The overarching catch phrase here…remote code execution.
Tags: MS07-042, MS07-043, MS07-044, MS07-045, MS07-046, MS07-047, MS07-048, MS07-049, MS07-050
Author: Dave Lewis
August 10, 2007 at 12:57 pm · Filed under OS Security
From MSRC:
Next Tuesday, we’re currently planning to release nine security bulletins:
- Six Microsoft Security Bulletins affecting Microsoft Windows with a Maximum Severity rating of Critical. These updates will require a restart and will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.
- One Microsoft Security Bulletin affecting Microsoft Office with a Maximum Severity rating of Critical. This update will not require a restart and will be detectable using the Microsoft Baseline Security Analyzer.
- One Microsoft Security Bulletin affecting Microsoft Office and Microsoft Windows with a Maximum Severity rating of Critical. This update will require a restart and will be detectable using the Microsoft Baseline Security Analyzer.
- One Microsoft Security Bulletin affecting Microsoft Virtual PC and Microsoft Virtual Server with a Maximum Severity rating of Important. This update will require a restart and will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.
Tags: Microsoft Patch Tuesday, Microsoft Advance Notice, Patch Tuesday
Author: Dave Lewis
July 10, 2007 at 5:38 pm · Filed under OS Security, Security Mgmt
Well, it’s that time again, and for this installment there are 6, count ’em, 6 new advisories.
Enjoy.
- MS07-036: This security update resolves three vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file.
- MS07-039: This security update resolves two vulnerabilities in implementations of Active Directory on Windows 2000 Server and Windows 2003 Server that could allow remote code execution.
- MS07-040: This security update resolves two vulnerabilities that could allow remote code execution and one information disclosure vulnerability on client systems with .NET Framework installed.
Two bulletins have a maximum severity of Important:
- MS07-037: This security update resolves a vulnerability that could allow remote code execution if a user viewed a specially crafted Microsoft Office Publisher 2007 file.
- MS07-041: This security update resolves a vulnerability which could allow remote code execution if an attacker sent specially crafted URL requests to a Web page hosted by Internet Information Services (IIS) 5.1 on Windows XP Professional Service Pack 2.
One bulletin has a maximum severity of Moderate:
- MS07-038: This security update resolves a vulnerability that could allow an attacker to gather system-specific information about the affected host.
Tags: Microsoft Patch Tuesday, OS Patches, Microsoft Patches, Patch Tuesday
Author: Dave Lewis
July 6, 2007 at 12:38 pm · Filed under OS Security, Security Mgmt
Here we go again…
From Computer Weekly:
Microsoft will release six security updates on Tuesday 10 July to address flaws attackers could exploit to launch malicious code and access sensitive information on victims’ machines.
Affected products range from Office to multiple versions of Windows, including Vista, and according to the advance bulletin Microsoft released on 5 July, three of the updates will be rated critical, two important and one as moderate.
All the critical updates are for remote execution flaws and affect Windows, Office, Excel and the .Net Framework. The two important updates will fix remote code execution flaws in Windows XP Professional, Office and Publisher, and the one moderate bulletin will fix an information disclosure flaw in Vista.
As it does every month, Microsoft will also update its Malicious Software removal tool and hold a Webcast Wednesday at 11 a.m. Pacific Time. Microsoft will also release five non-security, high-priority updates.
Tags: Microsoft Patch Tuesday, Microsoft Security Updates, Patch Tuesday
Author: Dave Lewis
June 27, 2007 at 9:34 pm · Filed under OS Security, Vulnerability
From Secunia:
Description:
Sun has acknowledged a vulnerability in Solaris, which can potentially be exploited by malicious people to compromise a vulnerable system.
For more information:
SA25800
The vulnerability affects Sun Solaris 8, 9, and 10 for both the SPARC and x86 platforms.
Solution:
Apply patches.
– SPARC Platform –
Solaris 8:
Apply patch 126928-01.
http://sunsolve.sun.com/search/docume…setkey=urn:cds:docid:1-21-126928-01-1
Solaris 9:
Apply T-patch T113318-31.
Solaris 10:
Apply patch 123809-02.
http://sunsolve.sun.com/search/docume…setkey=urn:cds:docid:1-21-123809-02-1
– x86 Platform –
Solaris 8:
Apply patch 126929-01.
http://sunsolve.sun.com/search/docume…setkey=urn:cds:docid:1-21-126929-01-1
Solaris 9:
Apply T-patch T117468-17.
Solaris 10:
Apply patch 126837-01.
http://sunsolve.sun.com/search/docume…setkey=urn:cds:docid:1-21-126837-01-1
Preliminary T-patches are available from:
http://sunsolve.sun.com/tpatches
A final resolution is reportedly pending completion.
Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1
Tags: Sun, Solaris, Kerberos Vulnerability
Author: Dave Lewis
June 12, 2007 at 2:18 pm · Filed under OS Security
OK, the good bad news is out. Here are the four critical patches. There is also one important and one moderate. Right, hop to it.
MS07-031 Windows Schannel Security Package Could Allow Remote Code Execution
This critical security update resolves a privately reported vulnerability in the Secure Channel (Schannel) security package in Windows. The Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS. However, attempts to exploit this vulnerability would most likely result in the Internet Web browser or application exiting. The system would not be able to connect to Web sites or resources using SSL or TLS until a restart of the system.
MS07-033 Cumulative Security Update for Internet Explorer
This critical security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction.
Author: Dave Lewis
June 8, 2007 at 11:11 am · Filed under OS Security, Vulnerability
The advance notice is out from Microsoft for Patch Tuesday. Vista is again on the roster.
In the advance notice on Microsoft’s TechNet site, the software giant said it intends to release four critical updates for Windows, IE, Outlook Express and Windows Mail, which comes with Vista. Microsoft said attackers could exploit all the critical flaws to launch malicious code remotely, and several of them affect IE 7 on both Windows XP and Vista.
Tags: Microsoft Patching, Patch Tuesday, Vista Patch, IE7 Patch
Author: James Arlen
May 18, 2007 at 2:07 pm · Filed under News, OS Security
I hate to do this to myself, but I find that they’re actually in a position to get some praise.
I’ve got an RSS feed from Microsoft in my feed reader which (too often) includes useful bits and pieces. I’m guessing that some of the infinite number of monkeys who work for Microsoft must occasionally put out the good stuff.
For your reading/viewing/listening/installing pleasure then:
- Protecting Your Business from Online Threats
- Active Directory Certificate Services Longhorn Beta3 Certificate Templates Whitepaper
- Active Directory Certificate Services Longhorn Beta3 Key Archival and Recovery Whitepaper
- Printers Best Practices
- Secure Access Using Smart Cards Planning Guide
- Optimizing Client Security by Using Windows Vista
- Microsoft Baseline Security Analyzer v2.1 Beta 2 x64 (for IT Professionals)
- Operations Manager 2007 Security Guide
- Malicious Software Learn More
- Microsoft Sample for Ethical Walls Using Microsoft Office Live Communications Server 2005
- How Microsoft IT Implemented Information Protection with Windows Rights Management Services
I feel very dirty… but informed
Tags: microsoft, downloads, whitepapers, active directory, best practices, smart cards, vista, vista security, MOM 2007, windows rights management
Author: Dave Lewis
May 17, 2007 at 3:44 pm · Filed under OS Security
Why is it that every speaker that I have seen on Vista security feels it necessary to devote more than 40% of their time to bashing Apple and Linux? These aren’t even folks that are on the Microsoft payroll. I got into it with today’s speaker (no surprise) over lunch and he said that by virtue of the fact that I was using NeoOffice on a Mac that I was a communist. I should point out that this guy (who shall remain nameless) is from Texas. Me, a commie? Wow, is that the best comeback that he could muster? Rather pathetic actually. He then went on to spew FUD from the gospel according to Ballmer.
Now, as I have said before, I have become OS agnostic. I’m a Mac user but that by no means is indicative of my political leanings. I believe that every operating system has its place and that it is asinine to argue over whose is bigger. It’s a circumlocutious argument that no one wins. Enough already.
He did manage to give a nice presentation on Vista but, seeing as how he managed to piss me off, I’m not going to point people to his website. He tackled the various permissions and rights that users have in Vista and even showed the crowd (250+) how to defeat the Vista Activation. Not sure the Redmond folks would enjoy that one much. Basically the way it works is that you pull up the registry editor for Windows, regedit, and search out the key SL. I can’t recall the full path and I’ll update that tomorrow. Suffice it to say there is a value within that key called SkipRearm. The value for this is set to “0”. All you would have to do is change this value to “1” or some other value to reset the activation timer. Ah, but wait, there’s more. Close out of regedit and then launch a command line.
Enter this command: C:\>slmgr -rearm
This will, if successful, return a “command complete” message and ask you to reboot (yes, a reboot).
He then went into some detail about Windows Integrity Control. This is a permission structure that Microsoft, for whatever reason, decided to drop at the last minute. The weird part is that all of the code is still in the OS. The analogy that was used equated this to removing the sink and tub and leaving all of the plumbing in the house. The premise here was that files with lower permissions would not be able to “read up” or “write up”. For example, an administrator would be level 3000 and a system file would be at 4000. The rub here is that even though you might be an administrator you would not be able to delete a system file. Um, OK. Is it just me or does that seem like a bad idea?
Well, a smart malware writer could have taken advantage of this and created a rootkit that is a system level file. There are a few applications today that would allow a user to elevate their privileges in WIC and set the file permissions to system. And psexec can help you there. I won’t give any more detail on that point.
There was more from today but I won’t bore you with that. Just an open message to speakers out there on Windows security. Give it up with the Coke vs. Pepsi, Windows is better than (insert) routine. It’s tired.
Now put down the koolaid glass and get back to work.
Tags: Vista Security, Windows Integrity Control, Conference Speaking, Microsoft Security