Incident Response, Network Security, Patch/Configuration Management, TDR, Vulnerability Management

Microsoft to push out four patches, three critical

Microsoft announced late Thursday that it plans to push out four patches, three to address critical vulnerabilities, in Tuesday's monthly security update.

The three critical fixes address holes in Word, Publisher and the Jet Database
Engine, according to Microsoft's advance notification. All of these flaws can be exploited to execute remote code.

The Word and Jet patches likely are related to a known zero-day vulnerability, Andrew Storms, director of security operations at network security firm nCircle, told on Friday.

In March, Microsoft warned of a Jet Database exploit that was spreading through Word in "limited, targeted attacks."

Jet Database files are referenced by the .mdb (Microsoft Access Database) file extension, which are considered unsafe and users are normally blocked from opening them in Outlook or Internet Explorer, according to Microsoft. However, attackers have discovered a way to evade the built-in restrictions.

"It looks like what we're seeing here is a fix for the same bug," Storms said of the Word and Jet patches. "Essentially both attack vectors are going to be repaired in this update."

He said he was not sure if the Publisher fix was related.

Microsoft is also planning a patch for its security software -- Windows Live OneCare, Antigen, Windows Defender and Forefront -- for a moderate vulnerability that could permit a denial-of-service attack.

Storms said the bug likely could allow an attacker to send a maliciously crafted file that would stall an an anti-virus scan.

"If you're scanning engine goes down, it's a big deal," he said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.