Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

MS update focuses on web browsers

Lumension Security : 16 July, 2009  (Technical Article)
Lumension comments on the patches released from Microsoft to eliminate a browser vulnerability which will be keeping IT administrators busy
"With this month's Patch Tuesday, Web Browsers are clearly a focus of IT professionals with nearly every popular web browser (Microsoft, Apple, Mozilla and Google) requiring some form of immediate attention leaving IT departments scrambling to install a patch or work around to deal with potentially significant issues.

"Priorities should be to address Microsoft's three critical issues - MS09-28, MS09-29 and MS09-32 - followed by MS09-30, MS09-31 and MS09-33 for those organisations utilising the respective impacted software. The three "critical" issues, listed below, carry an exploitability index of "1" with consistent exploit code likely. Additionally, all three patches impact all Windows Platforms and require a restart.

* MS09-029 resolves two issues in the Embedded Open Type Font Engine that could allow remote code execution and allow a malicious person to take complete control of an affected system remotely
* MS09-028 resolves three issues in Microsoft DirectShow that could allow remote code execution and allow a malicious person to take complete control of an affected system remotely
* MS09-032 resolves the ActiveX control issues currently being exploited in the wild. The issue can allow a malicious person to craft a drive-by malware web page with an ActiveX control that can permit remote code execution

"The news over the past few weeks of the resurgence of My Doom, which as it spread launched DDoS attacks against South Korean and American websites, highlights that while becoming infected with malware is a problem in itself when it occurs, "you" can very well become a problem for someone else. It again raises the question of third party liability when an irresponsible party does not properly secure their systems and they are used to attack a third party.

"While most security experts quickly recognised that the issue was from the resurgence of the old My Doom worm and was a script kiddie level attack, it could have easily become a major international incident. Others not within the technical community like Rep. Peter Hoekstra (R-Michigan), the leading Republican on the House Intelligence Committee, had publicly stated that the U.S. should conduct a "show of force or strength" against North Korea for a (their) supposed role in a round of attacks that hit numerous government and commercial websites this week.

"The resurgence of My Doom drives home the point that the days of signature-based defences like traditional AV are quickly waning - the bad guys simply make minor changes to old malware and easily slip it through our current "best" defences. The need is rapidly growing for the transition to application control / white listing sooner rather than later, which would simply deny any undesirable programme the right to execute if it is not explicitly permitted by policy."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo