Microsoft's October Security Bulletin Addresses 23 Flaws
IT admins and developers will be kept busy this week, as Microsoft on Tuesday released eight security bulletins that address 23 vulnerabilities. Two bulletins were labeled "critical" and include fixes for a number of Internet Explorer holes; the other six were labeled "important."
The first critical item fixes eight vulnerabilities reported by various private entities to Microsoft. Microsoft said one hole could lead to a hacker deploying a remote code execution exploit if a user visits a targeted Web page while using Microsoft's Internet Explorer browser.
The second critical bulletin fixes an issue with Microsoft .NET Framework and Microsoft Silverlight. As with the first bulletin, unpatched users could be subjected to remote code execution, in this case through an error in how Internet Explorer runs XAML Browser Applications (XBAPs) or Silverlight applications.
As with all items deemed critical by Microsoft, security experts advise IT and users to prioritize these patches as soon as possible. "In addition to the eight critical vulnerabilities being fixed in Internet Explorer, both consumer and corporate customers urgently need to patch Silverlight with MS11-078, which may or may not be installed on your system," wrote Kurt Baumgartner, a Kaspersky Lab expert, in a blog post.
The first important bulletin covers Host Integration Server 2004, 2006, 2009 and 2010; if unpatched, the flaw could lead to a denial of service attack. The second of the six important items concerns Windows Server 2003 and Windows XP, and patches a hole that hackers could exploit for an elevation of privilege.
Commenting on the next item, Robert Keith, security advisor at Symantec, breaks down an error in the Windows kernel mode (all versions of Windows OS and Windows Server) that gets a fix: "A local privilege-escalation vulnerability occurs because the kernel fails to properly validate user-supplied data between user-mode and kernel-mode. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. This may facilitate a complete compromise of the affected computer."
The final three bulletins target Forefront Unified Access Gateway 2010, Windows Media Center running on Windows 7 and Microsoft Active Accessibility. If ignored, flaws in these programs could all lead to remote code execution attacks.
More information on October's Security Bulletin can be found here. Microsoft has also released a chart prioritizing each patch:
[Chart image: patch prioritization, courtesy of Microsoft]