Threat Center Security News Recap of Patch Tuesday (Oct 2008)
Recap of Patch Tuesday (Oct 2008) Print E-mail
Written by Rebecca Mints   
Wednesday, 15 October 2008 12:36

Big day yesterday for Patch Tuesday as 11 patches were released, four of them gaining MS's "critical" designation. Additionally several important updates were also released. And there is already talk of a nasty new vulnerability on today, Zero-day, that we will have to wait another month for a fix.

 

So it's the day after patch tuesday. MS addressed 11 - Bulletin 3: Critical (Remote Code Execution), Microsoft Host Integration Server - Bulletin 4: Critical (Remote Code Execution), Microsoft Office - Bulletin 5: Important (Elevation of Privilege), Windows - Bulletin 6: Important (Elevation of Privilege), Windows vulnerabilities yesterday: four of them "critical," six "important" and one "moderate." The "critical" ones could allow for remote execution of code and lead to a hacker gaining remote control of a machine. Windows 2000, Windows XP (x86 and x64), Windows Server 2003 (x86 and x64), Windows Vista (x86 and x64), and Windows Server 2008 (x86 and x64) were all addressed, as well as all versions of office. Other patches included were for IE6 and IE7, Open XML File Format Converter for Mac, Microsoft Office Excel Viewer, and Microsoft Host Integration Server 2000/2004/2006.

 

The list of patches were as follows:

- Bulletin 1: Critical (Remote Code Execution), Windows

- Bulletin 2: Critical (Remote Code Execution), Windows, Internet Explorer

- Bulletin 3: Critical (Remote Code Execution), Microsoft Host Integration Server

- Bulletin 4: Critical (Remote Code Execution), Microsoft Office

- Bulletin 5: Important (Elevation of Privilege), Windows

- Bulletin 6: Important (Elevation of Privilege), Windows

- Bulletin 7: Important (Remote Code Execution), Windows

- Bulletin 8: Important (Remote Code Execution), Windows

- Bulletin 9: Important (Elevation of Privilege), Windows

- Bulletin 10: Important (Remote Code Execution), Windows

- Bulletin 11: Moderate (Information Disclosure), Microsoft Office

 

In addition to the above patches MS also released several updates:

- One or more non-security, high-priority updates on Windows Update (WU) and Windows Server Update Services       (WSUS)

- One or more non-security, high-priority updates on Microsoft Update (MU

- An updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Updat) and WSUS e, Microsoft Update, Windows Server Update Services, and the Microsoft Download Center

 

Now today is Zero-day and there are new vulnerabilities that will not be attended to for another month. One of the holes that we will have to deal with for 30 days is a problem with Word. It would be executed by an a user opening a carefully crafted file containing the malicious code and it could attack system memory in such a way that could give the attacker complete control of the infected machine. Affected softwares are Office 2000 & Office XP. Of course, the user would have to "invite the vampire into their home" by actually choosing to open the infected file. Being wary of opening attachments from unknown senders is a good way to protect against this. According to MS the vulnerability is being executed in "very limited, targeted attacks."

 

WTW Threat Level