Tuesday March 10th and it’s once again Patch Tuesday for all you Microsoft users. Yesterday’s release was a very straightforward and light load of fixes but spanned all supported versions of Windows. Some specific updates pushed out are MS09-006, MS09-007, and MS09-008. MS09-006 is a update for the Windows kernel vulnerability that is labeled critical for Windows 2000 SP4 all the way up to Vista SP1. The other two updates fix vulnerabilities in SChannel and DNS/WINS Server respectively and is important for Windows 2000 SP4 up to XP SP3 and Server 2003. Other than that the only things to look out for are the ordinary Malicious Software Removal Tool and Windows Mail spam filter. Full write up.
Possibly more interesting than that is the fact that Symantec and Adobe released updates on the same day under unusual circumstances. George Hulme has a good write up of the situation the he posted this afternoon. To sum it up Adobe has been working on a fix for their recent zero-day and announced it would be released March 11th. They decided to release it yesterday, March 10th, which happened to be Patch Tuesday which can be commended for getting it out early but for most working in the trenches that are operations probably wasn’t appreciated.
On top of that Symantec released a patch with the filename PIFTS.exe, which looks up the Symantec product and version on a system and reports it back. Well this report back happened to not be signed because of human error and sent up some firewall flares for most users. This must have been a Help Desk nightmare along with the Adobe issue on Patch Tuesday. Not only a Help Desk problem, if the users decided to search what PIFTS.exe was on their own it is reported that malicious sites recognized this and made their sites appear at the top of those searches. Good write up on the PIFTS.exe and malicious site issue on SC Magazine found here.
This onslaught of patches and patch mishaps must have really affected a lot of companies big and small as they had their time allotted for the Microsoft patches to be pushed. Anybody who works in operations and is part of the team responsible for patch management knows the trials of Patch Tuesday when that is the only issue to deal with. The fact that Adobe pushed their release up and Symantec had an inexcusable mistake all on the same day can really bring things down. Not only can this cause a headache for the people on the team responsible for pushing these patches but if the team required more than one patch in the same day at 3 separate times you are going to have some angry users who aren’t going to restart their machines for you. Heat will be felt all along the food chain and $DIETY forbid if somebody clicked on a site taking advantage of the PIFTS.exe curiosity. Productivity won’t be the only issue that companies will have to deal with this Patch Tuesday or for the rest of the week for that matter.
[tags]microsoft, security, patch tuesday, ms09-006, ms09-007, ms09-008, symantec, adobe, pifts.exe, patch hell[/tags]
