
Microsoft Patch Tuesday Roundup - October 2011

This month Microsoft released 8 security bulletins, including patches for some interesting vulnerabilities. For example, MS11-075, MS11-076, and MS11-077 all address a type of vulnerability triggered by a user accessing a file share. In Microsoft's own words, the user must "open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (DLL) file". MS11-077 describes a similar vulnerability that achieves the same effect using a font file (.fon extension). In all cases, the vulnerability can be triggered when accessing an SMB or WebDAV share. Vulnerabilities such as these allow attackers to compromise vulnerable systems as they are encountered. This can be a hard problem to solve, because finding every file that triggers the exploit is difficult, especially on a very large network with several file shares. Of course, the best solution is to apply the patches provided by Microsoft across your environment.
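To make the file-hunting problem above concrete, the following added example (not code from Tenable or Microsoft) walks a share and reports directories where a `.dll` or `.fon` file sits beside other files, the layout the bulletins describe. It assumes the share is mounted as a local path; the function names and the sample tree are constructed for illustration.

```python
import os
from pathlib import Path

# Assumption: .dll and .fon are the library types named in the bulletins above.
LIBRARY_EXTS = {".dll", ".fon"}

def has_mz_header(path):
    """True if the file starts with the 'MZ' magic shared by PE DLLs and NE .fon files."""
    try:
        with open(path, "rb") as fh:
            return fh.read(2) == b"MZ"
    except OSError:
        return False  # unreadable: still listed, but not confirmed by content

def audit_share(root):
    """Return sorted (directory, [(library_name, mz_confirmed)], other_file_count)."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        libs, others = [], 0
        for name in sorted(files):
            if Path(name).suffix.lower() in LIBRARY_EXTS:
                libs.append((name, has_mz_header(os.path.join(dirpath, name))))
            else:
                others += 1
        # Only directories mixing libraries with other files match the bulletin text.
        if libs and others:
            findings.append((dirpath, libs, others))
    return sorted(findings)

def build_sample_tree(base):
    """Constructed sample layout used to exercise audit_share offline."""
    layout = {
        "reports/q3.docx": b"constructed document",
        "reports/HELPER.DLL": b"MZ\x90\x00constructed",
        "reports/fake.fon": b"not a real font",
        "libs_only/lonely.dll": b"MZ",
    }
    for rel, data in layout.items():
        target = Path(base, rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)

if __name__ == "__main__":
    import sys, tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)  # used only when no share path is given
        root = sys.argv[1] if len(sys.argv) > 1 else tmp
        for directory, libs, others in audit_share(root):
            print(directory, libs, f"{others} other file(s)")
```

Software distribution shares legitimately keep DLLs beside executables, so treat the output as a review list to triage rather than a verdict.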

In MS11-082, Microsoft describes "vulnerabilities [that] could allow denial of service if a remote attacker sends specially crafted network packets to a Host Integration Server listening on UDP port 1478 or TCP ports 1477 and 1478." The risk, in Microsoft's eyes, is minimal as "Firewall best practices" should protect you. Firewalls, really? Anyone who's had a user workstation compromised should have realized that firewalls do little to protect the "internal" network.

To help evaluate the vulnerabilities addressed by Microsoft’s Patch Tuesday, Tenable's Research team has published Nessus plugins for each of the security bulletins issued this month:
