Tag Archives: patch day

Remote Desktop and IE Updates Top April’s Patch Day List

April 9, 2013 by Corey Nachreiner 0 Comments

Unless you’re new to IT, you’re probably aware that todaythe second Tuesday of the monthis Microsoft Patch Day.

As expected, Microsoft released nine security bulletins today, fixing 13 vulnerabilities across products like Internet Explorer (IE), Windows and its components, Sharepoint Server, and a few other Office server products. The worst two, Critical-rated updates fix security problems in IE and the Remote Desktop Client (RDC) that ships with Windows (specifically, its ActiveX control). The vulnerabilities in both these products could help remote attackers launch drive-by download attacks. If an attacker can get your IE or RDC users to visit a specially crafted web site (or a legitimate, hijacked web site), they could leverage these flaws to execute arbitrary code with those users’ privileges. You should download, test, and apply these Critical updates as soon as you can, or let Windows’ automatic updater do it for you.

As an aside, some experts had expected today’s IE update to fix some publicly disclosed vulnerabilities from the recent Pwn2Own contest at a Canadian security conference. In their IE alert, Microsoft credits two Google security researchers for discovering the flaws they fixed today. However, the Pwn2Own IE 10 flaws were disclosed by different researchers from VUPEN. So it appears the Pwn2Own IE flaws are still open issues.

Microsoft also released seven other updates, which they rate as Important. While not as serious as the ones mentioned above, they all fix some relatively risky issues too. In general, I recommend you always install all of Microsoft’s monthly patches as quickly as you can. That said, be sure to at least try and test the server updates before deploying them to your production network.

I’ll post more detailed alerts about these security bulletins as the day progresses. Stay tuned. — Corey Nachreiner, CISSP (@SecAdept)

Editorial Articles, Security Updates
, , , , , ,

Microsoft Kicks Off Spring with Nine Security Bulletins

April 4, 2013 by Corey Nachreiner 4 Comments

The advanced notification results are in, and it’s looking good for Patch Day.

Next Tuesday, Microsoft will release nine security bulletins, two of which the Redmond-based software company rates as Critical. The bulletins will fix flaws in Windows, Internet Explorer (IE), Office, and some of Microsoft’s server and security software. As usual, they haven’t shared many details yet, but some experts expect the critical IE update to fix the zero day vulnerabilities disclosed at CanSecWest’s recent Pwn2Own contest. Either way, I expect the IE flaws to pose the greatest risk to most users, so you should plan on applying that patch as quickly as possible.

While nine bulletins may sound like a lot, it’s pretty average for Patch Day lately. Nonetheless, you should prepare your IT staff for a busy day of testing and patching next Tuesday. We’ll know more about these bulletins next week, and will publish alerts about them here. — Corey Nachreiner, CISSP (@SecAdept)

Screen Shot 2013-04-04 at 10.01.09 PM

Editorial Articles
, , , , , , ,

Microsoft Black Tuesday: Security Flaws in a Menagerie of Products

March 12, 2013 by Corey Nachreiner 3 Comments

Though today’s Patch Day might seem pretty average as far as the number of security bulletins released, it does cover a rather eclectic range of Microsoft products. In fact, a few of the updates affect Mac users as well, and one is even exclusive to Mac.

During today’s Patch Day, Microsoft released seven security bulletins fixing  20 vulnerabilities in the following products:

  •  Windows (all versions)
  • Internet Explorer (IE)
  • Office Suite updates
    • Visio Viewer 2010
    • SharePoint Server 2010
    • OneNote 2010
    • Office Outlook for Mac
  • Silverlight 5 (For PC and Mac)

They rate four of the bulletins as Critical, and three as Important. Many of the Critical issues can allow remote attackers to execute code on affected systems. So we highly recommend you patch them quickly.

We’ll share more details about today’s bulletins in upcoming alerts. Until then, feel free to check out Microsoft’s March bulletin summary.  — Corey Nachreiner, CISSP (@SecAdept)

Editorial Articles
, , , , , , , , , , , ,

Microsoft Leprechaun Leaves a Pot Full of Patches

March 8, 2013 by Corey Nachreiner 0 Comments

We’re coming upon that time of the month again for Microsoft administrators; patch time.

According to the latest Advanced Notification page, our Microsoft friends plan on releasing seven security bulletins next Tuesday. The bulletins will including updates to fix security vulnerabilities in Windows, Office, Internet Explorer (IE), Silverlight, and some of their Server Software. They rate more than half (4/7) of the bulletins as Critical, which typically means remote attackers can likely exploit them to gain control of vulnerable computers.

MS Notification 3/13At this point you’re probably quite familiar with the monthly update routine, and know you should prepare your IT team for Patch Day so that they can apply Microsoft’s fixes as soon as possible; especially the Critical ones.

As always, I highly recommend you take some extra time to test the updates before applying them. Lately, there have been a few more reported incidents of Microsoft patches causing issues. You should at least take the time to test the server related updates before deploying them to production machines.

I’ll know more about these bulletins next Tuesday, and will publish alerts about them then.

In an unrelated aside, some business travel has delay production of my weekly security news video. For those waiting, it will come out today, but it may be later in the afternoon. — Corey Nachreiner, CISSP

Editorial Articles
, , , , , ,

WatchGuard Security Week in Review: Episode 53 – RSA 2013

March 1, 2013 by Corey Nachreiner 2 Comments

RSA 2013: Big Data, Chinese APT, and User Awareness

This week’s InfoSec news video comes from the 2013 RSA Security Conference in San Francisco. As such, much of the episode covers the major themes from the show flow. However, cyber attackers don’t take a break just because the security industry is having a pow-wow. I also cover other big stories from the week, including an emergency Flash update, a cPanel breach, new nation-state malware, and even an HTML5 trick than can fill you hard drive. Check out the episode below.

As always, feel free to browse the Reference section for more details on any of these stories, and thanks for watching. Comment if you have any suggestions.

(Episode Runtime: 10:11)

Direct YouTube Link: http://www.youtube.com/watch?v=AJbDQnkUToE

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

Editorial Articles, Security Updates
, , , , , , , , , , , , , , , , , , , , , , , ,

WatchGuard Security Week in Review: Episode 52 – China APT1

February 25, 2013 by Corey Nachreiner 1 Comment

China APT1 Attackers and Java 0day Breaches

Welcome to another week of InfoSec news. If you’re subscribed to the YouTube channel directly, you probably noticed I posted last week’s video late last Friday. Unfortunately, I was catching a plane at the time, so I decided to wait until today to post the video blog entry. If you missed any of last week’s big information and network security news, you’ve come to the right place.

This week’s “on the road” episode covers Apple and Facebook network compromises, the zero day Java exploit that caused them, and one security company’s research alleging the Chinese government is behind many recents advanced persistent threat (APT) attacks. I also recommend some critical updates for Windows, Linux, and OS X users, so make sure to watch below.

This week I’ll be attending the RSA security conference, and recording another episode on the go, which means I may also post next week’s episode earlier or later than normal depending on my travel and event schedule. Until then, thanks for watching and stay frosty out there.

(Episode Runtime: 6:39)

Direct YouTube Link: http://www.youtube.com/watch?v=MolGboEK7nE

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

Editorial Articles, Security Updates
, , , , , , , , , , , , , , , , , , , , , , , ,

MS Black Tuesday: 12 Bulletins, 57 Flaws, and Lots of Work

February 12, 2013 by Corey Nachreiner 3 Comments

Though not the biggest on record, today’s Patch Day is no slouch.

As expected, Microsoft released a dozen security bulletins, fixing 57 vulnerabilities that affect a range of their software, including:

  • Windows (and its components)
  • .NET Framework
  • Internet Explorer (IE)
  • Exchange Server
  • Fast Search Server 2010

According to the summary alert, Microsoft rates five of the bulletins as Critical, which typically means remote attackers can exploit them to gain control of affected computers (usually with little to no user interaction). In general, I recommend you apply these Critical updates first.

In particular, I’d start with the two IE updates since attackers often target users with drive-by download attacks. Also, jump on the Exchange server update immediately, as it fixes an issue attackers could easily exploit with a specially crafted email and attachment—not to mention, your email server is a pretty critical asset.

Though not as serious as other issues, one of Microsoft’s alerts describes a Windows TCP/IP Denial of Service vulnerability, which it sounds like attackers could exploit with a single malicious packet. I haven’t seen this sort of “Ping of Death”-like DoS vulnerability in a while.

As always, I recommend you test the updates before deploying them to a production environment. If you don’t have time or resources to test all of them, at least try to test the server-related updates.

As an aside, WatchGuard’s IPS signature team gets early warning about Patch Day, and will release a new signature update that detects some of the described issues shortly. The have developed signatures for the following Patch Day-related issues:

  • CVE-2013-0015
  • CVE-2013-0018
  • CVE-2013-0019
  • CVE-2013-0020
  • CVE-2013-0021
  • CVE-2013-0022
  • CVE-2013-0023
  • CVE-2013-0024
  • CVE-2013-0025
  • CVE-2013-0026
  • CVE-2013-0027
  • CVE-2013-0028
  • CVE-2013-0029
  • CVE-2013-0030
  • CVE-2013-0077
  • CVE-2013-1313

We’ll post consolidated alerts throughout the day, sharing more details about these bulletins and updates. Stay tuned.  — Corey Nachreiner, CISSP (@SecAdept)

Microsoft Patch Day: Feb. 2013

Editorial Articles
, , , , , , , , , , , , , ,

WatchGuard Security Week in Review: Episode 51 – Flash 0day

February 8, 2013 by Corey Nachreiner 3 Comments

Flash Exploit, ICS Hacks, and Federal Reserve Bank Breach

We’ve had another busy week of security news, with more stories than I can cover in a short video. So I’ll stick to the highlights. Today’s episode talks about a couple Adobe Flash zero day vulnerabilities, the latest Anonymous hijinks, some cross-platform mobile malware, and more. If you missed this week’s InfoSec news, and want to learn about the biggest stories (including how to defend against the latest attacks), click the play button below. Also, check out the Reference section for links to some other interesting security stories I skipped.

Enjoy your weekend, and stay frosty out there.

(Episode Runtime: 8:03)

Direct YouTube Link: http://www.youtube.com/watch?v=B6YdI3NGwlg

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

Editorial Articles, Security Updates
, , , , , , , , , , , , , , , , , , , , , , , ,

Microsoft Piles on Patches Next Tuesday

February 7, 2013 by Corey Nachreiner 1 Comment

February looks to be a busy month for Microsoft administrators. According to the latest advanced patch notification, the Redmond-based software company plans to release a dozen security bulletins next Tuesday. The bulletins will fix security flaws in Windows, Internet Explorer (IE), Office, the .NET Framework, and Exchange server. Microsoft rates five of the  bulletins as Critical, and the rest as Important.

In the middle of last month, Microsoft released an out-of-cycle IE update to fix a flaw attackers were leveraging in the wild. It appears that update didn’t fix everything in IE since at least two of the upcoming bulletins affect the popular web browser.

As always, we’ll share more about these updates, and the vulnerabilities they correct, next week. You can also expect our IPS signature team to have signatures prepared for any known exploits that Microsoft shares with us. In the meantime, prepare your IT team for a pretty full plate of patches. — Corey Nachreiner, CISSP (@SecAdept)

Microsoft Patch Day: Feb. 2013

Editorial Articles
, , , , , , , , , , ,

WatchGuard Security Week in Review: Episode 49 – Expelled Hacker

January 25, 2013 by Corey Nachreiner 2 Comments

Red October, Cisco WLAN Updates, and Expelled Hacker

Welcome to another “on the road” edition of WatchGuard Security Week in Review, the video podcast dedicated to summarizing the biggest InfoSec stories each week. This week’s episodes covers a Cisco wireless controller security update, Kaspersky’s investigation into the Red October cyber-espionage campaign, and the controversy surrounding an expelled “white hat” hacker. For more details on those stories and others, watch the short video below. You can also check out the ?Reference section for more details on any of these topics.

(Episode Runtime: 6:48)

Direct YouTube Link: http://www.youtube.com/watch?v=Q08Gcu_7EXo

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

Editorial Articles, Security Updates
, , , , , , , , , , , , , , , , , , , , , , ,
Older Entries

Follow

Get every new post delivered to your Inbox.

Join 7,118 other followers

%d bloggers like this: