Shavlik Comments on February Patch Tuesday Releases

"Microsoft has released 13 new security bulletins for February’s Patch Tuesday. This size of this release is not uncommon. Historically, Microsoft has had a light January followed by a large February. This month’s patches address 26 vulnerabilities. There have been no reports of active attacks against these vulnerabilities. One of these vulnerabilities has been publicly disclosed.

There are three bulletins administrators should address right away:

MS10-006 – Fixes two vulnerabilities in the SMB networking service that affects all supported operating systems. Visiting a malicious website that makes a file sharing connection can result in remote code execution. There are two security bulletins this month that affect SMB. MS10-006 is not related to MS10-012.

MS10-007 – Fixes one vulnerability in the Windows Shell handler that affects Windows 2000, XP and 2003 operating systems. Visiting a specially crafted website can result in remote code execution. This vulnerability will more than likely be exploited in the near future as malicious websites are an extremely common attack vector for vulnerabilities.

MS10-013 – Fixes one vulnerability in Microsoft DirectShow. This bulletin affects all supported operating systems. Opening a specially crafted media file, AVI, can result in remote code execution. It is important to note that some operating systems may require multiple patches from this bulletin to fix the vulnerability. Media files are commonly sent and downloaded, so this vulnerability could affect many users.

Microsoft Security Advisory 979682 has been expired as the bulletin MS10-015 addresses this known vulnerability. There still have been no reports of active exploits on this vulnerability.

In MS10-004, Microsoft is patching PowerPoint. It is important to note that PowerPoint Viewer 2003 is affected by this vulnerability, but Microsoft is not releasing a patch for this version of the viewer. Microsoft is stating the product has reached the end of its lifecycle and will not have any future security patches. You should identify all PowerPoint 2003 Viewers on your network and upgrade them to PowerPoint 2007. The newer version of the viewer is not affected by this vulnerability.

Microsoft has also released a new Security Advisory in 977165. Over the past couple of months Microsoft has been releasing new security advisories on Patch Tuesday. It is important to watch for items other than security bulletins as these might slip by network admins as they are focused on the bulletins. As a general security practice, every single new Security Advisory should be reviewed and workarounds should be applied if necessary."


About Shavlik

Shavlik, a global leader in simplifying the complexity of IT management, is dedicated to significantly reducing the time-to-value for IT professionals from months to minutes. Shavlik’s Protect, Configure, SCUPdates and Management Intelligence are some of its on-premise and cloud base solutions that enable customers to manage both physical and virtual machines, deploy software, discover assets, simplify configuration, control power usage and ensure endpoint security. By bringing the sophisticated capabilities enjoyed by large companies to organizations of all sizes and types, Shavlik is driving the democratization of IT.

No comments yet.

Leave a Reply