Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft has pushed out three patches -- one deemed "critical" -- to resolve eight vulnerabilities.
The critical bulletin addresses three flaws in the Windows kernel, the core of the operating system, including one that affects its Graphics Device Interface (GDI). If users are duped into visiting a malicious website hosting the exploit, they can be infected, said Andrew Storms, director of security operations at vulnerability management firm nCircle.
Storms added that because Microsoft has issued fixes for similar GDI issues in the past, many malware writers will be ready to pounce on the new flaw.
"There are a number of known exploit codes that might be able to be altered for these new bugs," he told SCMagazineUS.com. "A lot of eyeballs are going to go after that."
Security experts said the other major patch that administrators should pay attention to is a fix for four vulnerabilities in the Windows DNS and WINS (Windows Internet Naming Service) servers. Storms said successful exploitation could allow an attacker to poison a target's DNS cache -- although it would take some work.
"Someone on the network would have to guess the transaction ID [associated with individual DNS requests]," he said.
Microsoft graded this fix "important," saying it corrects flaws that could be exploited to permit spoofing attacks. But Eric Schultze, CTO of patch management software provider Shavlik Technologies, said he considers the patch critical.
"The DNS server's sole purpose is to hand out information about what websites were located where," he told SCMagazineUS.com. "This particular vulnerability allows an unauthenticated attacker to remotely modify all that data."
Tuesday's security update also includes a third patch to remedy a single vulnerability in SChannel, a Microsoft authentication protocol suite. The software giant labeled that fix "important."
Missing from the bundle was a fix for a zero-day Excel vulnerability, which has resulted in active attacks. That bug was announced in late February.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.