Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Reduced Patching Pressure On Users Of Latest Operating System

Lumension Security : 16 September, 2010  (Technical Article)
Lumension comments on Microsoft's bulleting release this Tuesday with administrators using older versions of the operating system under greater pressure with more critical updates to address
The Microsoft September Patch Tuesday shows nine new bulletins that address a total of 13 vulnerabilities. With Adobe, Mozilla, Cisco, and Apple all releasing security updates within the last seven days, IT security teams will be stressed by a tremendously heavy load.

Don Leatham, senior director of solutions and strategy at security firm Lumension, comments:

"Highest on the priority list for September's Patch Tuesday are MS10-061 and MS10-062. MS10-061 addresses a vulnerability in the Print Spooler Service that allows the Stuxnet worm to spread across internal networks where the Print Spooler Service may not be protected by authentication challenges. MS10-062 closes a vulnerability in the popular MPEG-4 codec which can be exploited by enticing users to download a specially crafted media file or by receiving streaming content via a compromised website. Microsoft gives both of these a "1" on their exploitability index, which means consistent exploit-code is available or highly likely.

"One good note, MS10-065 which addresses a vulnerability in Microsoft's popular Internet Information Services (IIS) is rated as "Important" and has the lowest possible score on Microsoft's 'exploitability' ranking. Vulnerabilities in Microsoft IIS are always of high concern for the IT security community.

"This Patch Tuesday clearly demonstrates the fruit of Microsoft's efforts to make their latest platforms and products more secure and should encourage organisations to continue to move away from the Windows XP and Windows Server 2003. A simple comparison of impacted software in this notification shows clearly how older versions of Windows are essentially less secure:

* XP and Server 2003: 3 critical, 5 important
* Vista and Server 2008: 2 critical, 3 important
* Windows 7 and Server 2008 R2: 0 critical, and 3 important

"These results show that organisations running Windows 7 and Server 2008 R2 are running much more secure environments and, as an added benefit, this Patch Tuesday will practically be a non-event for them. Organisations stuck on Windows XP and Server 2003 need to take a hard look at the cost and risk factors associated with staying on these dated platforms.

"Tangible benefits for Windows 7 and Server 2008 R2 adopters are readily apparent this Patch Tuesday. These teams will have more time and resource to focus on protecting their organisations from currently active exploits, deploying new patches from other vendors, and ensuring that virus signatures are up-to-date to protect against the latest malicious email campaign. In the last seven days the following sizable IT security "to do" list has materialised:

* For Adobe, a critical vulnerability in Adobe Flash Player and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player for Android. They state that active exploits have been reported on the Windows platform. A fix will not be available from Adobe until the week of October 4th.

* Also from Adobe, a critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX (CVE-2010-2883.) This vulnerability is being actively exploited in the wild. A fix will not be available from Adobe until the week of October 4th. IT teams can get help from Microsoft via Microsoft's Enhanced Mitigation Experience Toolkit 2.0 (EMET) enabled for AcroRd32.exe, which blocks this exploit.

* The "Just for You" or "Here you have" malicious email campaign continues to spread. IT teams need to ensure that updated virus signatures are deployed throughout their organisations to stop this malware.

* Cisco has released updates for the Cisco Wireless LAN Controller (WLC) that address various vulnerabilities. Left unaddressed, these vulnerabilities can facilitate remote access to the controller where configuration information can be changed and access controls bypassed.

* Mozilla released Firefox 3.6.9 which addresses multiple vulnerabilities including the execution of arbitrary code, access to sensitive information, and cross-site scripting.

* Apple released Safari 5.0.2 and 4.1.2 to address multiple vulnerabilities in Safari as well as the underlying WebKit technology."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo