Andrew Clarke, senior vice president of international at Lumension, said that the fix for a zero-day flaw and 13 other privately reported security vulnerabilities is welcome, but that it should also be seen as an opportunity to patch other applications.
Clarke said: “What is important for IT administrators to understand is that May's Patch Tuesday isn't just about patching Microsoft's single patch, but rather fixing other security flaws that are non-MS related in order to stay current and patched. In addition to Microsoft, other vendors including Google, F-Secure, Adobe, HP, Symantec and Mozilla (to name a few) released a slew of patches for popular software applications.
“It is important to remember that historically, popular applications and files like Adobe PDF files or Word, Excel or PowerPoint files have been great vehicles for targeted attacks because those attachments are so socially acceptable and are simply expected attachments within corporate email.”
Clarke further claimed that it is easy to get lulled into a false sense of security until you dig into the details and look at the bigger picture. He encouraged security managers to get their "head out of the sand and do a full inventory and assessment of their IT assets (applications and operating systems)".
“By doing so, you can check on the latest security vulnerabilities that need to get addressed within your IT environment and apply remediation as soon as they are released by the vendor. In order to stay current and secure, always keep your eye on the latest fixes that are being released not just by Microsoft, but other security vendors that are applicable to your environment”, said Clarke.
Speaking on the patch itself, Eric Schultze, CTO of Shavlik Technologies, described it as a ‘client-side’ patch, because the flaw it fixes can only be used against a machine once a user has taken an action on that computer. He said that a typical client-side action may include opening malicious documents, reading an evil email, or viewing an evil web page, attacks that are usually constrained to systems where a user is interactively working on the desktop.
Schultze said: “Based on these definitions, today's PowerPoint release addresses a client-side vulnerability. Its attack vector is dependent upon a user performing an action. As a result, we won't see rapid propagation of infected systems through this vector (though once a machine is infected, it could launch other attacks using worm-like server side attack mechanisms such as Conficker).
“Best to patch your client-side systems (where users interact with the desktop) for this issue first, then patch any servers where PowerPoint products may be installed.”

See original article on scmagazineuk.com
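The two pieces of advice in this article, Clarke's (inventory every asset and check non-Microsoft applications against the vendors' current fixes) and Schultze's (patch interactive desktops for the client-side flaw first, servers with PowerPoint second), can be turned into a single ordered patch plan. The script below is an added example and is not code from the article, Lumension or Shavlik; the host inventory is constructed, and every "required version" in it is a placeholder rather than a real advisory value.

```python
"""Patch-prioritisation helper (added example, not from the article).

Given an asset inventory of hosts, whether a user works interactively on
each one, and the installed applications with versions, build a patch plan
that puts interactive clients with the affected application first, servers
with it second, and out-of-date non-Microsoft applications after that.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# HYPOTHETICAL minimum patched versions: placeholders only, replace them with
# the version numbers from each vendor's own advisory.
REQUIRED_VERSIONS: Dict[str, str] = {
    "Microsoft Office PowerPoint": "12.0.6500",
    "Adobe Reader": "9.1.1",
    "Mozilla Firefox": "3.0.10",
}


@dataclass
class Host:
    name: str
    interactive_desktop: bool        # True = a user works on this desktop
    apps: Dict[str, str]             # application name -> installed version


@dataclass
class Finding:
    host: str
    app: str
    installed: str
    required: str
    priority: int                    # lower number = patch earlier


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '12.0.6211' into (12, 0, 6211) so versions compare numerically,
    not as strings ('9.1.10' must sort above '9.1.9')."""
    return tuple(int(part) for part in version.split("."))


def build_patch_plan(hosts: List[Host], affected_app: str) -> List[Finding]:
    """Return findings ordered by priority:
    1 = interactive desktop running the affected application,
    2 = server running the affected application,
    3 = any other application below its required version."""
    findings: List[Finding] = []
    for host in hosts:
        for app, installed in host.apps.items():
            required = REQUIRED_VERSIONS.get(app)
            if required is None:
                continue                      # no baseline known for this app
            if parse_version(installed) >= parse_version(required):
                continue                      # already patched
            if app == affected_app:
                priority = 1 if host.interactive_desktop else 2
            else:
                priority = 3
            findings.append(Finding(host.name, app, installed, required, priority))
    # Stable sort: priority first, then host and app for a deterministic plan.
    return sorted(findings, key=lambda f: (f.priority, f.host, f.app))


# Constructed sample inventory (not real hosts or real version data).
SAMPLE_HOSTS: List[Host] = [
    Host("ws-01", True, {"Microsoft Office PowerPoint": "12.0.6211",
                         "Adobe Reader": "9.1.0"}),
    Host("ws-02", True, {"Microsoft Office PowerPoint": "12.0.6500",
                         "Mozilla Firefox": "3.0.9"}),
    Host("srv-01", False, {"Microsoft Office PowerPoint": "12.0.6211"}),
    Host("srv-02", False, {"Mozilla Firefox": "3.0.10"}),   # fully patched
]


if __name__ == "__main__":
    for f in build_patch_plan(SAMPLE_HOSTS, "Microsoft Office PowerPoint"):
        print(f"P{f.priority} {f.host:7} {f.app:28} {f.installed} -> {f.required}")
```

Run stand-alone, the plan lists ws-01's PowerPoint first, srv-01's PowerPoint second, and then the out-of-date Adobe Reader and Firefox installs; ws-02's PowerPoint and srv-02's Firefox are already at the placeholder baseline and are omitted. The numeric version comparison matters: a plain string compare would treat "9.1.10" as older than "9.1.9" and silently leave hosts unpatched.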