Six security bulletins are available from Microsoft

Nov 12, 2009 12:11 GMT

Microsoft has released a patch for a Critical Windows kernel vulnerability affecting Windows Vista RTM, SP1 and SP2 as well as Windows XP SP2 and SP3, and customers are advised to apply the update immediately. Earlier this week, the Redmond company gave the green light to the distribution of no less than six security bulletins designed to resolve a total of 15 vulnerabilities in various releases of Windows and the Office System.

Of all the security patch packages, Microsoft Security Bulletin MS09-065, rated Critical because it could allow remote code execution, should be treated as the highest deployment priority. Users need to make sure that a Win32k EOT parsing vulnerability impacting Windows 2000 SP4, XP, Vista, Windows Server 2003 and Windows Server 2008 is dealt with. Not only is the security flaw rated Critical, but it has also received an Exploitability Index rating of 1, meaning that Microsoft considers it likely that consistent exploit code will be created in the coming weeks.

“A remote code execution vulnerability exists in the Windows kernel-mode drivers due to the improper parsing of font code when building a table of directory entries. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” reads the description Microsoft provided for the update.

The increasing number of Windows 7 users should be happy to know that the latest iteration of the Windows client is safe from all the security vulnerabilities patched in its predecessors. According to Microsoft, none of the security bulletins released this month affects Windows 7.

Below are the Microsoft November Security Bulletin releases, as provided by Christopher Budd, security response communications lead, Microsoft:

“- MS09-063 (Maximum severity rating of Critical): This update resolves one privately reported vulnerability in Windows, which could allow remote code execution if an affected Windows system receives a specially crafted packet. An attacker who successfully exploited this vulnerability could take complete control of an affected system. This update received a 2 rating from Microsoft’s Exploitability Index.

- MS09-064 (Maximum severity rating of Critical): This update resolves one privately reported vulnerability in Windows, which could allow remote code execution if an attacker sent a specially crafted network message to a computer running the License Logging Server. An attacker who successfully exploited this vulnerability could take complete control of the system. This update received a 2 rating from Microsoft’s Exploitability Index.

- MS09-065 (Maximum severity rating of Critical): This update resolves three privately reported vulnerabilities in Windows, which could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. This update received a 1 rating from Microsoft’s Exploitability Index.

- MS09-066 (Maximum severity rating of Important): This update resolves one privately reported vulnerability in Windows, which could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This update received a 3 rating from Microsoft’s Exploitability Index.

- MS09-067 (Maximum severity rating of Important): This update resolves eight privately reported vulnerabilities in Office, which could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. This update received a 1 rating from Microsoft’s Exploitability Index.

- MS09-068 (Maximum severity rating of Important): This update resolves one privately reported vulnerability in Office, which could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. This update received a 1 rating from Microsoft’s Exploitability Index.”