Wednesday, April 13, 2011

Record-Breaking Microsoft Black Tuesday

It's the biggest one since last December's record, and it patches more vulnerabilities than that one.  SANS has given several of the patches its highest rating: "PATCH NOW!". All the systems I have patched are stable, so if you're a home user, go ahead and run Microsoft Update.

Microsoft delivers monster security update for Windows, IE
Microsoft today patched a record 64 vulnerabilities in Windows, Office, Internet Explorer (IE), and other software, including 30 bugs in the Windows kernel device driver and one in IE that was exploited at the Pwn2Own hacking contest last month.

The company also delivered a long-discussed "backport" to Office 2003 and Office 2007 that brings one of the newer security features in Office 2010 to the older editions.

The 17 updates, which Microsoft dubs "bulletins," tied a record set late last year, but easily beat the October 2010 mark for the total number of flaws they fixed. Altogether, today's updates patched 64 vulnerabilities, 15 more than in October and 24 more than in the former second-place collection of December 2010.

SANS: April 2011 Microsoft Black Tuesday Summary
MS11-018: Cumulative Security Update for Internet Explorer ( Replaces MS11-003 ): ACTIVELY EXPLOITED. PATCH NOW!
MS11-026: Vulnerability in MHTML Could Allow Information Disclosure: ACTIVELY EXPLOITED. PATCH NOW!

PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.

Microsoft's blog entries detailing the patches and rating the risks are here:

April 2011 Security Bulletin Release - MSRC - TechNet Blogs
... today we are releasing 17 security bulletins, nine of which are Critical, and eight rated Important.

These bulletins will increase protection by addressing 64 unique vulnerabilities in the following Microsoft products: Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, SMB, .NET Framework and GDI+.
Assessing the risk of the April security updates - Security Research & Defense - TechNet Blogs
Today we released 17 security bulletins. Nine have a maximum severity rating of Critical and eight have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.

No comments: