February 2012 Patch Tuesday Overview

Microsoft has released nine new security bulletins for the February 2012 edition of Patch Tuesday.  This Patch Tuesday is typically marked as a ‘heavy’ release month and includes nine new security bulletins addressing 21 vulnerabilities.

There are two bulletins that administrators should look to patch immediately.  Both of these bulletins address vulnerabilties that have the potential for drive-by attack scenarios from websites.

First up is Microsoft security bulletin MS12-010.  This bulletin affects all supported Microsoft Internet Explorer browsers and addresses four vulnerabilities in the browser.  As is the case with most, if not all Internet Browsers, it is extremely important to patch as soon as possible as browsers are one of the most attacked pieces of software.  The vulnerabilities addressed in this patch could allow an attacker to exploit the browser through malicious websites.

Similarly, MS12-013 also has a possible drive-by attack vector.  This bulletin addresses one vulnerability in the C Run-Time Library.  If an attacker can entice a user to open a malicious media file, the attacker can gain full access to a system.  In this new media and social media age, media file attack vectors are just as important as browser attack vectors when it comes to patching security vulnerabilities.

Our old friend, the DLL preload vulnerability, is making a return after a one-month hiatus.  Two bulletins this month fix the DLL preload vulnerability in Microsoft applications.

MS12-012 – Color Control Panel
MS12-014 – Indeo Codec

Since releasing the Security Advisory for this issue in November 2010, Microsoft has patched different programs affected by this vulnerability 22 times.  It is safe to say we will continue to see the DLL preload vulnerability being addressed by Microsoft in the coming months.

On the non-Microsoft front, there is already one vendor joining Patch Tuesday.  Adobe released two new security bulletins today affecting two Adobe products.  Security bulletin APSB12-02 affects Adobe Shockwave and fixes nine vulnerabilities.  Adobe Security bulletin APSB12-04 affects Adobe RoboHelp for Word and fixes one vulnerability.

This has been quite a busy month with multiple non-Microsoft vendors releasing security updates for their software.  After a very quiet December and January, it appears the non-Microsoft vendors are getting back to a normal cadence for releasing security updates for their software application.  The following vendors have released security updates since January 2012 Patch Tuesday:

Opera
Google Chrome (twice)
Yahoo Messenger
Mozilla Firefox (twice)
Mozilla Thunderbird (twice)
Mozilla SeaMonkey (twice)
Real Player
Skype

For those administrators who wait for a monthly maintenance window for their patching needs, this month is going to be quite a large month combining all of the Microsoft and non-Microsoft security bulletins released since the last Patch Tuesday.

Shavlik

About Shavlik

Shavlik, a global leader in simplifying the complexity of IT management, is dedicated to significantly reducing the time-to-value for IT professionals from months to minutes. Shavlik’s Protect, Configure, SCUPdates and Management Intelligence are some of its on-premise and cloud base solutions that enable customers to manage both physical and virtual machines, deploy software, discover assets, simplify configuration, control power usage and ensure endpoint security. By bringing the sophisticated capabilities enjoyed by large companies to organizations of all sizes and types, Shavlik is driving the democratization of IT.
No comments yet.

Leave a Reply


*