Free Newsletter
Register for our Free Newsletters
Zones
Access Control
Alarms
Biometrics
Detection
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
Surveillance
View All
Other Carouselweb publications
 
 
 
 
 
 
 
 
News

Critical Vulnerabilities Require Fast Patching

Symantec : 14 October, 2010  (Technical Article)
Symantec comments on the latest Microsoft patch update that addresses the most vulnerabilities ever recorded in a single month
Today, Microsoft issued a record 16 security bulletins which address 49 vulnerabilities, five of which Microsoft has rated as critical.

"Microsoft has broken several of its own Patch Tuesday records this year, but this month far surpasses them all," said Joshua Talbot, security intelligence manager, Symantec Security Response. "Perhaps most notable this month is the number of vulnerabilities that facilitate remote code execution. By our count, 35 of the issues fall into this category. These are bugs that could allow an attacker to run any command they wish on vulnerable machines."

"One of the two remaining Stuxnet-related zero day vulnerabilities was also fixed today," Talbot added. "Stuxnet uses the Win32 Keyboard Layout Vulnerability to gain administrator privileges on infected computer systems. This functionality ensures that none of the threat's malicious actions get blocked on targeted systems due to lack of permission."

"The vulnerability addressed in the Embedded OpenType Font Engine is perhaps the most likely to be widely exploited," Talbot concluded. "Similar vulnerabilities have seen extensive exploitation in the past. Since this particular issue affects so many Windows operating systems and can be exploited via Web browser, it's likely to get the immediate attention of attackers."

Symantec strongly encourages users to patch their systems against all vulnerabilities addressed this month.

Please visit the Symantec Security Response blog for more information and also let me know if you're interested in speaking with a Symantec expert in greater detail about any of the vulnerabilities addressed this month.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com