Happy Microsoft Tuesday, everyone! Redmond has all sorts of fun planned for you.
The Monthly Security Bulletin release it out, and it's a whopper, like we all expected. Eight updates are included in this release, including 5 rated as critical by Microsoft.
The Microsoft Security Response Center blog has more information.
The most troubling patch seems to be MS09-009, with a couple of CVEs relating to vulnerabilities in Excel that are actively being exploited, although Microsoft claims the attacks are targeted.
MS09-014, which addresses 6 vulnerabilities in Internet Explorer, replaces a couple of other past fixes, MS08-073 & 78, and MS09-002. If you're running IE, don't dally around with this one., because there's exploit code publicly available.
Finally, MS09-010 rounds out the prioritization trifecta. Four CVEs dealing with wordpad and officer converter vulnerabilities are addressed, and each of these flaws is being actively exploited.
There are a couple of other patches that deal with IIS & SQL on the server side, and Microsoft's firewall offering, ISA Server, so pay close attention to those if you have them in your environment. Otherwise, remediate the client side first, then move on to the servers, as the clients are a more readily accessible attack vector.
Enjoy your patching cycle!
Hi im a newb here. Hopefully i mighnt be able to contribute to this forum, Just though id say hi!
ReplyDeletethanks.
Greetings im new here and think this forum is excellent. I am going to contribute here and hopefully stick around! just wanted to say hi.
ReplyDeleteThanks.
Hi i'm fresh on here. I came accross this board I find It truly helpful and it's helped me so much. I should be able to contribute and help other people like its helped me.
ReplyDeleteCheers, Catch You Around
Hi i'm new here, I stumbled upon this website I have found It extremely accommodating & its helped me a great deal. I hope to give something back & aid others like it has helped me.
ReplyDeleteCheers, See You Around.