Microsoft on Tuesday released four security bulletins as part of its November update, closing the same number of holes and expectedly leaving out a permanent fix for the flaw linked to the Duqu trojan.
One of the patches is rated “critical,” Microsoft's highest bug-severity rating, while two others are deemed “important” and one is listed as “moderate.” All of the patches impact Windows and will require a reboot.
Still outstanding is a zero-day Windows kernel flaw, which Microsoft confirmed last week to be connected to Duqu, the so-called "son of Stuxnet" trojan. The software giant did, however, last week issue a temporary fix to block attacks attempting to exploit the vulnerability.
The one critical bug patched this month impacts the TCP/IP stack of Windows and could allow for the execution of remote code “if an attacker sends a continuous flow of specially crafted UDP (user datagram protocol) packets to a closed port on a target system,” Microsoft said in its bulletin summary. Though rated critical, Microsoft gave it the second-highest exploitability rating of 2, meaning that the exploit code is inconsistent.
Still, out of the four, this flaw should be patched with the highest urgency, Wolfgang Kandek, CTO at Qualys, said in a blog post Tuesday.
“Since this vulnerability does not require any user interaction or authentication, all Windows machines, workstations and servers that are on the internet can be freely attacked,” he wrote. “The mitigating element here is that the attack is complicated to execute…but otherwise this has all the required markings for a big worm.”
Meanwhile, other flaws affect Windows Mail and Windows Meeting Space. The former could allow for remote code execution, while the latter impacts Active Directory and could lead to elevation of privileges.
Further, the moderate-severity vulnerability impacts Windows kernel-mode drivers and could allow for a denial-of-service attack.
This article originally appeared at scmagazineus.com