Tuesday Fun With Microsoft

The new patches are here, the new patches are here!

Microsoft Patches 17 Bugs in December Patch Tuesday

Microsoft fixed 17 bugs in the Windows operating system, Microsoft Office, Windows Media Player and Internet Explorer. The fixes also cover a zero-day flaw exploited by the Duqu Trojan.

Microsoft released 13 security bulletins to fix 17 different vulnerabilities as part of its December Patch Tuesday update, according to the advisory released Dec. 8. Three bulletins were marked critical and the remaining 10 were rated important.

See also:
Microsoft Security Bulletin Summary for December 2011
Merry Christmas! Microsoft Plans Massive Patch Tuesday to Close 2011
Last Patch Tuesday of 2011 Secures Windows XP, Vista, Windows 7
December 2011 Patch Tuesday sees 13 Microsoft bulletins, Duqu patch
Microsoft fixes 20 bugs in year’s last ‘Patch Tuesday’
Microsoft to patch three critical holes
Microsoft slims final patch Tuesday of 2011 to 13 patches from proposed 14
No BEAST fix from Microsoft in December patch batch
Microsoft fixes Duqu hole, but not BEAST problem
Microsoft scratches BEAST patch at last minute, but fixes Duqu bug
December Patch Tuesday Fixes Duqu Worm
‘Duqu’ zero-day Windows flaw patched this week
Microsoft: Duqu patched, bringing years total to 99 corrections

Well, it’s a good thing that Microsoft finally patched against the Duqu virus, better late than never, as they say. What are you waiting for? Start installing your gifts!

/at least you can’t say Microsoft didn’t get you anything for the Holidays

Advertisements

A Preview Of Coming Attractions

So much for Homeland Security. From Russia, without love, hitting us where it really hurts.

Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says

Foreign hackers caused a pump at an Illinois water plant to fail last week, according to a preliminary state report. Experts said the cyber-attack, if confirmed, would be the first known to have damaged one of the systems that supply Americans with water, electricity and other essentials of modern life.

Companies and government agencies that rely on the Internet have for years been routine targets of hackers, but most incidents have resulted from attempts to steal information or interrupt the functioning of Web sites. The incident in Springfield, Ill., would mark a departure because it apparently caused physical destruction.

See also:
Was U.S. water utility hacked last week?
Foreign cyber attack hits US infrastructure: expert
Illinois Water Utility Pump Destroyed After Hack
H(ackers)2O: Attack on City Water Station Destroys Pump
Cyberattack investigation centers on Curran-Gardner water pump
Feds investigating whether Illinois “pump failure” was cyber attack
Broken water pump in Illinois caused by cyber-attack from Russia, claims expert, but DOH denies terrorism
Cyberattack on Illinois water utility may confirm Stuxnet warnings
Water utility hackers destroy pump, expert says
UPDATE 3-U.S. probes cyber attack on water system

The SCADA vulnerabilities to a remote attack have been known for years. The solution is real simple, DON’T CONNECT YOUR CRITICAL INFRASTRUCTURE TO THE INTERNET!

/how hard is that, is it going to take a disaster for us to learn this basic lesson?

Is This The Start Of Something Big?

Unless the Iranians are insanely careless when moving ordnance around an “ammunition depot”, it’s unlikely that an explosion of this size was an accident, especially if reports are true that this was actually a highly secret missile base, a senior Guard commander was killed and/or that two consecutive explosions occurred in two IRGC bases.

Mystery surrounds deadly blast at Iran ammunition depot

Mystery surrounds yesterday’s explosion at a Revolutionary Guard ammunition depot that was so large it was felt and heard almost 30 miles away in Tehran.

. . .

The Fars News Agency, which is connected to the Islamic Revolutionary Guard Corps (IRGC), reported on Sunday that the IRGC “strongly dismissed certain baseless reports” that the explosion was “related to nuclear tests or transport of missile warheads.”

“The blast happened during the transportation of [conventional] ammunition,” said the IRGC press chief General Ramazan Sharif. Some 15 soldiers had been “martyred,” he said, dialing down initial estimates of 40, though some of the wounded were in critical condition.

See also:
Blasts hit IRGC military base in W Tehran, 15 dead
‘IRGC military base blast kills 17’
Accidental explosion at Revolutionary Guard ammunition depot kills 17 west of Iran’s capital
Iran explosion at Revolutionary Guards military base
17 killed in Iran base blast
Iran exile group claims blast near Tehran hit closely guarded missile base
Iran exile group claims blast hits missile base
Iran exile group claims blast hits missile base
Iran Exile Group Claims Blast Hits Missile Base
Iran Guards: Officer killed in blast a ‘martyr’
Iran: Dead Guard commander was missile expert
Massive explosion in Iran kills 17
17 killed in massive explosions at munitions depot near Tehran
Iran: Top Revolutionary Guard commander among those killed in blast
US blog: Mossad behind Iran blast
Israelis wonder about deadly Iranian missile-site explosion

Was this Israeli orchestrated sabotage of an Iranian test, related to Iran’s nuclear weapons program or, perhaps, a U.S. B-2 strike, based on timely intelligence? Either possibility could be a plausible explanation for what occurred. One thing’s for damn sure, if it turns out that, indeed, two separate IRGC bases were hit near simultaneously, it wasn’t an accident.

/in any case, keep the Iranian “accidents” coming, they’re much easier to sell to the international community and much less disruptive to world markets than belligerent acts of war by foreign powers

Tuesdays With Microsoft

Tuesdays are the day when we patch the holey Microsoft products.

Patch Tuesday leaves Duqu 0-day for another day

November marked a light Patch Tuesday with just four bulletins, only one of which tackles a critical flaw.

All four advisories relate to problems in Windows. None is related to the zero-day vulnerability related to Duqu, the highly sophisticated worm reckoned to be related to the infamous Stuxnet pathogen.

See also:
Microsoft Security Bulletin Summary for November 2011
Microsoft Patch Tuesday Fixes Critical Windows 7 Bug, Leaves Out Duqu Zero-Day
Microsoft Fixes Four Bugs for November Patch Tuesday
Microsoft offers simple patch Tuesday for election day
Microsoft fails to patch Duqu, but fixes critical hole in Windows TCP/IP stack
One critical bulletin, no Duqu patch, in November 2011 Patch Tuesday updates
A mild November Patch Tuesday from Microsoft
Light Patch Tuesday May Lead To Out-of-Band Patch
Microsoft fixes gaping hole in Windows TCP/IP stack
Microsoft patches critical Windows bug, but not Duqu flaw
Microsoft patches critical Windows 7 bug, downplays exploit threat
Microsoft Leaves Duqu Worm Exploit Unpatched
Windows Update

I find it more than interesting that Microsoft is unable or unwilling to patch for the Duqu Virus. Is it intentional?

/anyway, you know the drill, get on with it

Do The Microsoft Patch Dance

The dance that never ends.

Microsoft Patch

Microsoft released 13 security bulletins, patching 22 vulnerabilities across its product line, including two critical updates affecting Internet Explorer and the Windows DNS Server.

While Microsoft issued fewer updates this month, August was still marked as a busy month for system administrators. Adobe Systems Inc., which issues fixes on a quarterly cycle, issued a critical security update late Tuesday, repairing seven flaws in its Shockwave Player, more than a dozen holes in its Flash Player and an error in its Flash Media Server.

Microsoft addressed seven vulnerabilities in Internet Explorer including two zero-day flaws. According to MS11-057, Microsoft said an attacker who successfully exploited any of the vulnerabilities could gain the same user rights as the local user. Microsoft said the most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer

. . .

Another noteworthy bulletin is MS11-065, which resolves a vulnerability in the Remote Desktop Protocol. Although the security bulletin is rated important for users of Windows Server 2003, Miller said Microsoft has seen attacks targeting the flaw in the wild. The flaw can be targeted if an attacker sends a malicious remote desktop protocol connection request to the victim’s computer which could cause the system to crash.

See also:
Microsoft Security Bulletin Summary for August 2011
Microsoft Fixes IE, Windows DNS Server Flaws In Patch Tuesday Update
Microsoft Patches 22 Security Holes
Microsoft Security Patch Fixes 20-Year-Old Flaw
Microsoft fixes 22 security bugs
Microsoft’s August Patch Tuesday security update to tackle critical flaws in IE and Windows Server
Your Microsoft Patch Tuesday update for August 2011
Microsoft to Fix 22 Software Flaws in Its August Patch Tuesday Update
Hefty Microsoft August Patch Delivers 13 Security Fixes
IE, Windows server bugs likely to be exploited soon
Microsoft expecting exploits for critical IE vulnerabilities
Microsoft Update

Get busy downloading.

/so, until the next Patch Tuesday . . .

Tuesday Is The Time At Microsoft When We Patch

It’s a relatively small one this time, but critical.

Microsoft Fixes 22 Bugs in July Patch Tuesday

Microsoft addressed 22 security vulnerabilities across four security bulletins in July’s Patch Tuesday update. Three of the patches fix issues in the Windows operating system.

The four bulletins patched issues in all versions of the Windows operating system and in Microsoft Visio 2003 Service Pack 3, Microsoft said in its Patch Tuesday advisory, released July 12. Of the patches, only one has been rated “critical.” The remaining three are rated “important,” according to Microsoft.

“Today’s Patch Tuesday, though light, should not be ignored, as these patches address vulnerabilities that allow attackers to remotely execute arbitrary code on systems and use privilege escalation exploits,” said Dave Marcus, director of security research and communications at McAfee Labs.

Security experts ranked Microsoft bulletin MS11-053, which addressed a critical vulnerability in the Windows Bluetooth stack on Windows Vista and Windows 7, as the highest priority. Attackers could exploit the vulnerability by crafting and sending specially crafted Bluetooth packets to the target system to remotely take control, Microsoft said in its bulletin advisory.

See also:
Microsoft Security Bulletin Summary for July 2011
Microsoft fixes 22 security holes
Microsoft issues critical patch for Windows 7, Vista users
Microsoft Releases 4 Updates for Windows and Office
Microsoft warns of critical security hole in Bluetooth stack
Security Experts Warn of Microsoft Bluetooth Vulnerability
Patch Tuesday Fixes Critical Bluetooth Flaw in Windows 7
‘Bluetooth sniper’ Windows vuln fix in light Patch Tuesday
Microsoft Squashes Bluetooth Bug
Microsoft patches ‘sexy’ Bluetooth bug in Vista, Windows 7
Microsoft Fixes 22 Bugs in July Patch Tuesday
Businesses should not ignore critical Microsoft Patch Tuesday update, say experts
Microsoft Patch Tuesday: four security bulletins
Microsoft Patch Tuesday – 12th July 2011
Windows Update

This isn’t the first time you’ve had to update Windows, you know what to do, so get busy.

/until next time, same patch time, same patch channel

Tuesday Fun With Microsoft

It’s another big one and the flaws are serious.

Microsoft Fixes 24 Bugs in June Patch Tuesday

Microsoft addressed 24 security vulnerabilities across 16 security bulletins in June’s Patch Tuesday update. This will be Microsoft’s second-largest Patch Tuesday in 2011 after April’s gargantuan release.

Microsoft patched the Windows operating system, all supported versions of Internet Explorer, Microsoft Office, SQL Server, Forefront, .NET/Silverlight, Active Directory and Hyper-V, the company said in its Patch Tuesday advisory released June 14. Of the patches, nine have been rated as “critical,” and seven have been ranked as important, according to Microsoft.

Microsoft called out four critical updates as top priorities on the Microsoft Security Response Center blog. They include a fix for all versions of the SMB Client on Windows (MS11-043), 11 bugs in all versions of Internet Explorer (MS11-050), another Windows flaw (MS11-052) and two issues in the DFS client for all versions of Windows (MS11-042), according to Trustworthy Computing’s Angela Gunn.

See also:
Microsoft Security Bulletin Summary for June 2011
Microsoft ‘Patch Tuesday’ Fixes 24 Flaws In 16 Updates
MS Patch Tuesday: Gaping holes haunt Internet Explorer browser
Patch Tuesday Fixes Dangerous Flaws with Exploits Imminent
Microsoft plugs 34 holes; Adobe fixes Flash Player bug
Microsoft patches critical IE9, Windows bugs
Patch Tuesday heralds a busy spell for admins
Microsoft Puts Out 16 Patches, 9 Critical, for June
Microsoft issues 16 bulletins, 9 critical including SMB, IE fixes
June Gloom: Microsoft Releases 16 Bulletins for Patch Tuesday
Windows Update

Damn, if Windows was a car that had been “repaired” this many times, it wouldn’t have any original parts left.

/anyway, get busy with the updating, don’t let the bad guys in, at least until they find new holes in Widows that Microsoft will have to patch next month