Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Critical Update Requires Fast Action To Prevent Vulnerabilities From Being Exploited

Lumension Security : 14 October, 2010  (Technical Article)
Lumension is predicting that cyber criminals will be hard at work attacking unpatched computers after record number of vulnerabilities identified in patch updates from Microsoft and Oracle
Microsoft has released 16 patches to fix an unprecedented 49 vulnerabilities in its products, including Windows, Internet Explorer, MS-Office and Microsoft Word 2010. This comes on the same day that Oracle released patches for 81 vulnerabilities.

Alan Bentley, SVP International at Lumension, commented: "The release of 130 vulnerabilities on the same day is like giving gold dust to the hacking community. The moment a vulnerability is disclosed cyber criminals get to work developing exploit code to take advantage of the identified holes. With the significant number of holes identified on the same day, businesses will be racing against time to fix them all.

"Not only is this Microsoft's largest patch load on record, but 23 of the vulnerabilities are rated at the most severe level on its exploitability index. With level one warning that exploit code could be crafted in such a way that an attacker could consistently exploit that vulnerability, the urgency is placed on applying these fixes. The patch that computer users should pay particular attention to is the cumulative security update, MS10-071, for Internet Explorer. If exploited, computer users could hand over control of their computer systems by simply clicking on a specifically crafted web page .

"Also in the bag of patches is a fix for one of the three vulnerabilities exploited by the Stuxnet attack. MS10-073 addresses the Win32k Keyboard Layout Vulnerability, which hands over administrator rights on infected PCs.

"The most challenging thing for businesses when patches are released is to shut the open doors to their computer systems, before the hacker works out how to walk through them. But the process isn't as easy as clicking a button for big businesses. Patches effectively change a network and any change has the potential to knock over their IT systems. Organisations need to test the patches against their specific network makeup before they apply them, to ensure they don't interrupt their business. '
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo