Microsoft released nine new security bulletins fixing 21 vulnerabilities in all supported versions of Internet Explorer and the Windows operating system, Microsoft Office and .NET/Silverlight in its February Patch Tuesday release.
Four of the nine bulletins were rated "critical" because the vulnerabilities could result in remote code execution on the computer if exploited.
The critical bulletin addressing four flaws in all versions of Internet Explorer (MS12-010) should be top priority as attackers are increasingly relying on browser exploits to compromise users, security experts advised. These flaws can potentially be used in drive-by-downloads.
Even though the IE bulletin is rated as critical, the bugs were not publicly disclosed previously. Exploits targeting Windows Media have appeared within two weeks after Microsoft released a patch fixing remote code execution vulnerabilities (MS12-004) during January's Patch Tuesday release.
The .NET/Silverlight bug is applicable to both PCs and Macs as users browsing malicious Web pages can be hit by drive-by-download attacks.
The vulnerabilities in Internet Explorer and .NET/Silverlight may result in mass exploitation.
The Microsoft C Runtime flaw in Windows Media Player (MS12-013) is also dangerous as attackers could trick users in to opening a maliciously crafted media file. However, the attack vector is very limited, as the flaw does not affect Visual Studio or other third-party applications that dynamically link to msvcrt.dll.
Microsoft released two bulletins fixing the previously disclosed DLL-preload vulnerability this month. Microsoft has patched various affected Microsoft applications 22 times to date. "It is safe to say we will continue to see the DLL preload vulnerability being addressed by Microsoft in the coming months," said Jason Miller, manager of research and development at VMware.
The DLL-preloading issue in the Color Control Panel (MS12-012) should probably have been rated as critical because there is a potential for remote code execution. This is important because the remote attacker would be limited to having the permissions of the logged in user.
The Office bulletin (MS12-015) fixes an issue in Visio Viewer. Visio is not as widely deployed as other Office programs, so many IT administrators may not have to worry about the issue. The Visio vulnerability would likely be exploited in a spear phishing attack, where users would be tricked into opening a maliciously crafted Visio file.
Make sure your computers are up to date. When Windows tells you that you have an update waiting, be sure to update your machine to protect against malicious attacks.
No comments:
Post a Comment