Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

IE vulnerability patched in bumper patch Tuesday

Lumension Security : 12 October, 2009  (Technical Article)
Lumension is warning System Administrators to prepare for a heavy payload of patches from Microsoft on Tuesday as they attempt to plug drive-by malware threat vulnerability on Internet Explorer
Microsoft is set to release a heavy load of patches to organisations next Tuesday with eight critical and five important vulnerabilities.

Andrew Clarke, Senior VP Lumension, comments: "Bulletin 5 presents an increased threat for 'drive-by malware' because it concerns the most current versions of IE - versions 7 and 8 - on multiple operating system platforms, making this vulnerability a prime target for web-born malware writers and malicious web operators.

"Of the batch, Bulletin 12, raises a red flag. Labelled as critical, it affects a large number of operating systems, core services and applications. Given its prevalence, it is most likely a low level vulnerability shared within the operating system itself that needs to be fixed. If exploited, it could allow the propagation of an Internet worm without user action. Before deploying this patch into production environments, it is essential that IT administrators test it vigorously to ensure services are not impacted by unexpected results.

"On Tuesday, organisations should also pay close attention to the details listed in Bulletins 7 and 9, two "important" vulnerabilities, to determine how critical they are within their business environments. Vulnerabilities involving "spoofing" and "elevation of privilege" should raise an alarm for IT administrators as they can potentially have a big impact on their ability to verify trusted destinations and control user privileges within their organisations - two conceptual things that IT never wants to lose control over.

"In addition to these four bulletins, all of the critical vulnerabilities are labelled as remote code execution, which require a restart and are across a broad variety of Windows platforms and applications."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo