A Double Whammy Patch Tuesday from Microsoft and Oracle

Microsoft announced that they have released four security bulletins to address five separate current vulnerabilities. Especially concerning this month is the fact that all three bulletins rated “critical” also rate a “1” on Microsoft’s exploitability index (with MS10-042 addressing a vulnerability that is actively being exploited.)  Additionally, MS10-043 requires a reboot and affects Windows Server 2008 64-bit machines, which could be disruptive to some environments.

MS10-042 and MS10-043 cover vulnerabilities in the Windows Help and Support Center and Canonical Display Driver, respectively, and are rated critical, as the vulnerabilities addressed allow for remote code execution, typically the most-feared exploit type. MS10-043 could impact a large swath of Microsoft customers as it affects Windows 7 desktop users and Windows 2008 R2 servers, which are Microsoft’s most current desktop and server solutions.  Given the active exploit code that has been circulated, MS10-043 should be prioritized in testing and deployments.

MS10-044 and MS10-045 affect Microsoft Office. While MS10-044 is rated critical, fortunately its impact will be limited to those organizations that have built or utilized applications and processes based on Microsoft Access.  MS10-045 is only rated important, but we do want to strongly encourage users to pay attention to this since it addresses a vulnerability in Microsoft Outlook, Microsoft’s hugely popular email client.  Remote code execution vulnerabilities in email clients (continue reading...)