CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
October 14th, 2009

Record Number Of Vulnerabilities Fixed In Microsoft’s Patch Tuesday

Microsoft on Tuesday patched a record number of security holes in its Windows operating systems and other software, a haul that included at least one security flaw that was already under attack in the wild.

One of the updates fixed a vulnerability in Windows Media Runtime that allows an attacker to remotely execute malware by tricking a user into playing a booby-trapped audio or video file. A few hours after its release, a Microsoft spokesman said company researchers have “seen limited attacks trying to use the reported vulnerability.” The bug is rated critical on every version of Windows.

A separate update fixed a bug that left users of the Internet Explorer, Google Chrome, and Apple Safari for Windows browsers vulnerable to forged secure sockets layer certificates. The flaw in Microsoft’s CryptoAPI, was disclosed 10 weeks ago, but took on more urgency after a hacker published a counterfeit certificate for PayPal that made it trivial for someone mounting a man-in-the-middle attack to impersonate the online payment processor.

The patch batch also included a fix the SMB2 file-sharing technology that was added to Vista and later versions of Windows. Four weeks ago, white-hat hackers developed a reliable way to target the critical vulnerability, but there still are no reports of it being exploited in the wild.

As always, Microsoft provides a visual chart that provides a summary of the releases.

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • Fake Microsoft-like Sites Attempt To Install Malware
  • Unpatched Vulnerability In Microsoft’s SQL Server
  • Oracle Patches Critical Database Vulnerabilities
  • Microsoft’s Patch Fix Critical Vulnerabilities In IE And Office
  • US Army CECOM Website Breached, 30 Record Sets With User IDs, Clear-text Passwords, Private Data Posted On Pastebin

    • Posted in Microsoft, Software, Vulnerabilities, Windows | Print This Post Print This Post

    This entry was posted on Wednesday, October 14th, 2009 at 2:09 pm and is filed under Microsoft, Software, Vulnerabilities, Windows. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Record Number Of Vulnerabilities Fixed In Microsoft’s Patch Tuesday

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »