Patch/Configuration Management, Vulnerability Management

Fresh MS vulnerabilities targeted

Hackers are now threatening the seven vulnerabilities pointed out by Microsoft last Tuesday.

The French Security Incident Response Team (FrSIRT) has published a list of – so far – four malicious exploits for the flaws, revealed as part of last week's Patch Tuesday release.

Two of the exploits, published on the agency's website last Wednesday and Thursday, take advantage of a flaw in Windows Media Player BMP handling buffer overflow. The others, posted on Friday, aim to use remote code execution to take advantage of flaws in Media Player versions 9 and 10.

Of the seven patches Microsoft released last Tuesday, two were deemed "critical." One, a "cumulative security update for Internet Explorer," was to patch "a vulnerability (that) exists in IE that could allow remote code execution." The other bulletin warned of a vulnerability in Media Player that could allow for remote code execution.

Five "important" patches were also released last week, including one to fix a flaw in Media Player Plug-in that could allow for remote code execution.

Regarding the plug-in flaw, the Redmond, Wash., based computing giant warned users that, "you are only vulnerable to this issue when using a non-Microsoft internet browser."

Kaspersky Lab's Viruslist site advised PC users on Friday that exploits were "minutes or days away."

Microsoft released two separate bulletins last month due to a widespread Windows metafile (WMF) vulnerability that left most Windows users at a risk of downloading malicious code just by viewing corrupted image files.

The WMF patch, demanded early by many security experts and PC users, was released five days earlier than the scheduled Jan. 10 bulletin.

On the scheduled release date, Microsoft released two other patches – one for a vulnerability in embedded web fonts and the other for a TNEF decoding flaw.

Last December, the company released two patches, one for an Internet Explorer vulnerability and one for a flaw in the Windows kernel that could permit privilege escalation.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.