CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
November 10th, 2009

Microsoft Patches Windows Worm And Drive-by Download Vulnerabilities

As part of its scheduled batch of patches for November, Microsoft today issued six security bulletins with fixes for a total of 15 vulnerabilities affecting its Windows and Office product lines. Four of the six bulletins include patches for Windows and Windows Server and two affect Microsoft Office products (Excel and Word).

Three of the six bulletins are rated “critical,” meaning the vulnerabilities they address can be used to launch remote code execution or worm attacks without any user action. One of the Windows vulnerabilities could expose users to drive-by malware attacks via the browser, Microsoft warned.

Microsoft is urging Windows users to pay special attention to MS09-065, a “critical” bulletin that patches three documented vulnerabilities in Windows Kernel-Mode drivers. Microsoft expects to see functional exploit code for this flaw very soon.

This Patch Tuesday also brings:

MS09-063 (Maximum severity rating of Critical): Resolves one privately reported vulnerability in Windows, which could allow remote code execution if an affected Windows system receives a specially crafted packet. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

MS09-064 (Maximum severity rating of Critical): Patches one privately reported vulnerability in Windows, which could allow remote code execution if an attacker sent a specially crafted network message to a computer running the License Logging Server. An attacker who successfully exploited this vulnerability could take complete control of the system.

MS09-066 (Maximum severity rating of Important): This update resolves one privately reported vulnerability in Windows, which could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests.

MS09-067 (Maximum severity rating of Important): This update resolves eight privately reported vulnerabilities in Office, which could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user.

MS09-068 (Maximum severity rating of Important): This update resolves one privately reported vulnerability in Office, which could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Microsoft also reissued MS09-045 and MS09-051 to address detection issues and minor problems.

On the MSRC blog, Microsoft is offering charts explaining the severity and exploitability of each vulnerability and visual guidance on how to properly prioritize and deploy the updates.

The company’s Security Research & Defense Blog offers a technical breakdown of some of the more serious vulnerabilities at http://blogs.technet.com/srd.

Credit: ZDNet.com Security Blogs
