Microsoft warns of 'limited, targeted attacks' against Windows vulnerability | ZDNet
Patch Tuesday April 2012 – Critical updates for Windows, Office and Adobe Reader | Naked Security
Summary: The vulnerability under attack exists in Windows Common Controls and can be exploited to launch remote code execution attacks if a user simply surfs to a malicious website.Microsoft today shipped patches for at least 11 documented security vulnerabilities, including one that’s already being hit with “limited, targeted attacks.”
The vulnerability under attack — now fixed today with the MS12-027 bulletin — exists in Windows Common Controls and can be exploited to launch remote code execution attacks if a user simply surfs to a malicious website.
The vulnerability is caused when the MSCOMCTL.OCX ActiveX control, while being used in Internet Explorer, corrupts the system state in such a way as to allow an attacker to execute arbitrary code.
Microsoft is calling on Windows users to apply this bulletin as a priority because of the high-risk of code execution attacks.
This month Microsoft has released six patches, four critical, for eleven vulnerabilities in Office, Windows and various server products. ...Adobe, Microsoft Issue Critical Updates — Krebs on Security
Adobe, not wanting to feel left out, also delivered fixes for four vulnerabilities in Adobe Reader and Acrobat versions 9 and X.
All four vulnerabilities can lead to remote code execution, so I advise everyone be sure to update to Reader/Acrobat 10.1.3.
Adobe and Microsoft today each issued critical updates to plug security holes in their products. The patch batch from Microsoft fixes at least 11 flaws in Windows and Windows software. Adobe’s update tackles four vulnerabilities that are present in current versions of Adobe Acrobat and Reader.ISC Diary | Microsoft April 2012 Black Tuesday Update - Overview
Seven of the 11 bugs Microsoft fixed with today’s release earned its most serious “critical” rating, which Microsoft assigns to flaws that it believes attackers or malware could leverage to break into systems without any help from users. In its security bulletin summary for April 2012, Microsoft says it expects miscreants to quickly develop reliable exploits capable of leveraging at least four of the vulnerabilities.
Among those is an interesting weakness (MS12-024) in the way that Windows handles signed portable executable (PE) files. According to Symantec, this flaw is interesting because it lets attackers modify signed PE files undetected.
“In addition, the attacker doesn’t need to worry about controlling memory; once the user runs the content, the device has been infected,” wrote John Harrison, group product manager for Symantec Security Response. “The most common attack will probably be a scenario in which a site offers a free download of a specific program that appears to be legitimately signed.”
Wolfgang Kandek, chief technology officer for vulnerability management firm Qualys, is particularly worried about MS12-027, because the weakness spans an unusually wide range of Microsoft products. Microsoft agrees, calling this patch the highest priority security update this month.
“What makes this bulletin stand out is that Microsoft is aware of attacks in the wild against it and it affects an unsually wide-range of Microsoft products, including Office 2003 through 2010 on Windows, SQL Server 2000 through 2008 R2, BizTalk Server 2002, Commerce Server 2002 through 2009 R2, Visual FoxPro 8 and Visual Basic 6 Runtime,” Kandek said. “Attackers have been embedding the exploit for the underlying vulnerability (CVE-2012-0158) into an RTF document and enticing the target into opening the file, most commonly by attaching it to an e-mail. Another possible vector is through web browsing, but the component can potentially be attacked through any of the mentioned applications.”
Published: 2012-04-10,Adobe warns of Reader X security holes | ZDNet
Last Updated: 2012-04-11 01:57:49 UTC
by Swa Frantzen (Version: 1)
Overview of the April 2012 Microsoft patches and their status.
Microsoft Security Bulletin Summary for March 2012
Summary: Adobe ships patches for flaws that could cause the application to crash and potentially allow an attacker to take control of the affected system.Adobe’s flagship PDF Reader/Acrobat software contains multiple security vulnerabilities that expose computer users to dangerous hacker attacks.
Adobe warned about the vulnerabilities in a security bulletin that contained patches for Windows, Mac OS X and Linux users.
Adobe - Security Bulletins: APSB12-08 - Security updates available for Adobe Reader and Acrobat