Microsoft security update includes IE, Stuxnet repairs

Share this article:

IT administrators on Tuesday received their holiday greetings from Microsoft: a whopper of a security update, comprised of 17 patches to fix 40 vulnerabilities.

The record-setting update, however, only contained two patches labeled "critical." One of those, a bulletin (MS10-090) that addresses seven flaws in Internet Explorer, is considered the highest priority fix as it closes a zero-day vulnerability that has been exploited in the wild.

"Over the weekend, Microsoft saw an uptick in attacks against the vulnerability," particularly targeting users in China and Korea, said Jason Miller, data and security team leader at Shavlik Technologies, a patch management vendor. 

The other critical bulletin (MS10-091) resolves three bugs in the OpenType Font driver on Windows.

"If a shared folder that contains a malicious OpenType font file is viewed, an attacker could run code in the Windows kernel," Miller said. "In order for a successful exploit, an attacker must convince a user to open a share that contains a malicious OpenType font file."

Less pressing for most organizations, but potentially most dangerous of all, is a patch for the last-known Stuxnet flaw – this one used to escalate privileges in conjunction with Stuxnet, the pernicious malware used to attack industrial control systems. Public exploit code had been published.

Administrators are encouraged to consult Microsoft's "Deployment Priority" chart as they apply the patches.

"From a distance, it is large and scary, with 17 bulletins and 40 CVEs," Tyler Reguly, technical manager of security research and defense. "But when you get up close and really start to look at the patches, there isn't really anything to be afraid of."

Flaws targeting widely used applications SharePoint and Exchange are being patched as well, but these don't seem to present much risk of exploit, Reguly said.



Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.