Wednesday, April 14, 2010

Another busy week patching for system admins

Microsoft and Adobe both "celebrated" Patch Tuesday this week. If you have Adobe Reader 8 or 9 on your networks, you need to patch them as well as checking to see if Microsoft's patches are important in your network. For home users, Adobe is now enabling an automatic patching mechanism that will patch Adobe Readers silently. Network admins should consider disabling this to reduce unnecessary traffic and to prevent automatic updating software from making unexpected changes to critical production systems. All of the stories linked below include more information and links to even more info.

The Microsoft Security Response Center (MSRC) : April 2010 Security Bulletin Release
Today, as part of our monthly security update cycle, we are releasing 11 security bulletins to address 25 vulnerabilities: five rated Critical, five rated Important and one rated Moderate. This month’s release affects Windows, Microsoft Office, and Microsoft Exchange.

Microsoft patches 25 flaws with 11 patches, five critical - SC Magazine US
Microsoft on Tuesday pushed out 11 patches for 25 vulnerabilities.

Two of the fixes — MS10-020 and MS10-022 — correct previously known vulnerabilities, one a flaw in VBScript, which could permit attackers to execute remote code on victim machines, and the other a denial-of-service bug in Server Message Block, disclosed in November.

But on Tuesday the software giant identified three other patches — MS10-019, MS10-026 and MS10-027 — as the major priorities, Jerry Bryant, group manager of response communications at Microsoft, said in a blog post.

MS10-019, which resolves two vulnerabilities, affects all Windows versions and can allow an attacker to change PE (portable executable) and CAB (cabinet) files to add malicious content, without invalidating the digital signature.

SANS has awarded one of this month's patches, MS10-022, their highest rating of "PATCH NOW"* even though Microsoft only rated this patch "Important".

Microsoft April 2010 Patch Tuesday
Overview of the April 2010 Microsoft Patches and their status.
* PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.

Adobe, Microsoft Push Security Upgrades — Krebs on Security
Software giants Adobe and Microsoft today each released software updates to fix critical security flaws in their products. In addition, Adobe is rolling out a new auto-updater tool that should make it easier for hundreds of millions of Adobe Reader users to more safely run one of the most frequently attacked software applications.

Microsoft released 11 security updates that collectively fix at least 25 vulnerabilities in versions of Windows, Office, Exchange, and other Microsoft products.

Redmond said customers should install all of the relevant updates, but it called attention to a few as particularly urgent. Among those is a patch for all versions of Windows that fixes a bug which could allow attackers to fool Windows into thinking that a malicious program was created by a legitimate software vendor, said Joshua Talbot, security intelligence manager, Symantec Security Response.

Adobe - Security Bulletins: APSB10-09 - Security update available for Adobe Reader and Acrobat
Critical vulnerabilities have been identified in Adobe Reader 9.3.1 (and earlier versions) for Windows, Macintosh, and UNIX, Adobe Acrobat 9.3.1 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.1 (and earlier versions) and Adobe Acrobat 8.2.1 (and earlier versions) for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.
Critical flaws haunt Adobe PDF Reader, Acrobat | Zero Day |
Adobe dropped a bumper patch for its PDF Reader and Acrobat today to fix 15 documented security holes that expose Windows, Mac and UNIX users to malicious hacker attacks.

The update is rated “critical” because of the risk of remote code execution attacks via rigged PDF files.

Security update available for Adobe Reader and Acrobat

No comments: