News

Microsoft's November Security Update Fixes 4 Windows 8 Flaws

Microsoft's first security update after the release of its newest OS features three "critical" bulletin items that address 4 reported issues for Windows 8 and Windows RT.

While three items that address multiple issues in an operating system that has been on the market for less than a month could be alarming for some users, researcher Andrew Storms, nCircle's security director,  commented that due to the very nature of Microsoft's OS and its popularity, the discovery of multiple vulnerabilities in Windows 8 this quickly should be expected.

"Much of [Windows 8's] core operating system is reused from version to version (even in new releases) and all software has its share of bugs," said Storms in a blog post. "These factors, plus the security researchers that love to find and report bugs in the latest versions of software, are why there are several bulletins for Windows 8. They shouldn't surprise you."

This month's patch Tuesday also arrived with an additional critical Internet Explorer fix, one "important" Office security update and a "moderate" Windows item for a total of six bulletins.

Security experts have pegged the Microsoft Web browser item, bulletin MS 12-071, as the top priority for IT this month. Affecting only Windows Explorer 9, the "cumulative security update" addresses three privately reported issues that could lead to remote code execution attacks if users visit specially crafted, malicious Web sites.

According to Jason Miller, Manager of Research and Development at VMware, any security bulletin that targets issues in Internet Explorer should be applied as soon as possible due to the relative ease of infection.

"Like most browser-based attack scenarios, this vulnerability can be exploiting by visiting malicious website which can result in remote code execution," said Miller in an e-mailed response.

Microsoft has suggested that bulletin MS012-075, a fix for three issues in the Windows Kernel should also be a top priority when patching. The most severe issue could lead to a remote code execution attack if a Web site with malicious TrueType font files is visited. This update is rated critical for all versions of Windows, including Windows 8 and Windows RT (found in Microsoft's Surface tablet and other ARM-based Windows devices).

Bulletin MS012-072, the second of three critical Windows items for November, targets all versions of Windows (excluding Windows RT) and Windows Server.

The two privately reported vulnerabilities addressed in this bulletin "could allow remote code execution if a user browses to a specially crafted briefcase in Windows Explorer," according to Microsoft. "An attacker who successfully exploited the vulnerabilities could run arbitrary code as the current user."

The final critical bulletin (MS012-074) takes care of five .NET Framework vulnerabilities in multiple versions of Windows OS and Windows Server (including Windows 8 and Windows RT). If gone unpatched, malicious code could be inserted into a targeted system if a user is tricked into using a harmful proxy auto configuration file.

Due to the relative difficulty of leveraging such an attack, Wolfgang Kandek, CTO of Qualys, Inc., believes that the number of attacks on unpatched systems should be limited.

"The potential for widespread code execution through this mechanism is limited because .NET applications are turned off by default," said Kandek in a blog post. "As of June 2011, they require user agreement to run."

Items in Microsoft's security updated should only be applied once proper testing has been completed. More information on this month's rollout can be found here.  

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Exploring OCR, a New Way To Get Data into Excel

    Microsoft recently added a new optical character recognition feature to Excel that lets users import data from a photograph taken from a smartphone. Here's how to use it.

  • Microsoft Authenticator App To Get Real-Time Phishing Protections

    Microsoft is working on adding capabilities to its Microsoft Authenticator app to help defeat security breaches enabled by advanced attack techniques, including phishing and man-in-the-middle methods.

  • A Quicker Way To Create Hyper-V Inventory Reports

    If you need to generate Hyper-V inventory reports but don't want the hassle of writing your own custom PowerShell script, here is a shortcut.

  • Microsoft Previews New Azure Active Directory Roles and Bulk Management Capability

    Microsoft this week announced a couple of noteworthy previews of new capabilities for IT pros using the Azure Active Directory identity and access management service.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.