On Tuesday, August 9 at 10AM PDT Microsoft plans to patch 22 vulnerabilities for Internet Explorer, Windows, Visio and Visual Studio as part of the August Patch Tuesday release.

Microsoft will release 13 security bulletins, two of which are rated “critical,” the company said Aug. 4. Nine were rated as “important” and the final two were listed as “moderate” according to the preview announcement.

Even though there are more bulletins than the July update, the number of vulnerabilities remained the same, which is unusual, considering Microsoft recently has been alternating large updates with small ones. August was expected to be a heavy month.

Considering there were 16 bulletins fixing 34 vulnerabilities in June and 17 bulletins fixing 64 bugs in April, 22 vulnerabilities across 13 bulletins doesn’t sound so big, after all. Even so, IT administrators still have a lot of work ahead of them, as they may still be dealing with the 78 patches from Oracle’s July Critical Patch Update on July 19 and Apple’s update for Mac OS X Lion on July 20, said Paul Henry, security and forensic analyst for Lumension. “Microsoft is making IT admins earn their Labor Day holiday,” Henry said.

The bi-monthly update for Internet Explorer is rated as critical and is most likely the one administrators should deploy first, Storms said. The IE update is critical for all platforms and applies to all versions, from IE 6 through 9 on Windows 7, Vista, XP, 2003 and 2008, according to Microsoft. This would be the second update for IE9 in less than five months since its release.

Two of the 13 bulletins are rated “critical,” Microsoft’s highest severity rating. Microsoft Windows users will want to pay special attention to the Internet Explorer bulletin because the issues can expose users to drive-by download attacks via the browser. The update fixes flaws that introduce remote code execution risks on all versions of Internet Explorer, including the newest IE 9. ”If left unpatched, attackers could use this vulnerability to remotely take control of victims’ systems,” said Wolfgang Kandek, CTO for Qualys.

Since the preview announcement doesn’t provide any details on what the actual flaw is being patched, users should limit their use of Internet Explorer to only visit trusted sites and be careful about clicking on links, said Marcus Carey, a security researcher for Rapid7. Servers should never be used to browse the Internet, but many organizations do so anyway, and “compromise their crown jewels,” Carey said.

Concerned users should consider using an alternate browser, such as Firefox or Chrome, until the patches are live, according to Carey. I say quit using Internet Exploiter altogether.

“While multiple browsers can be an administrative headache at times, it comes in handy in situations like this,” said Carey.

The other critical bulletin addresses flaws in the two newest versions of Microsoft’s server operating system, Windows Server 2008 and Server 2008 R2. While Server 2003 has the same vulnerability, Microsoft said the update was only “important” for that version.

“Server administrators should apply patches immediately as this vulnerability also leads to remote code execution,” said Kandek.

Nine bulletins are specific to Windows vulnerabilities, but five of them won’t apply to Windows XP. One of the bulletins addresses issues in Windows 7 and Server 2008 R2, the latest versions of the desktop and server software. Considering Vista shares a lot of code with Windows 7, it was a little puzzling that the bulletin did not patch Vista, according to Storms.

Microsoft is expected to update .NET framework, Visual Studio 2005 development tool and all supported versions of Visio. Microsoft also patched a DLL vulnerability in Visio last month that could have been exploited with a remote code execution attack.

“We have seen other Visio vulnerabilities fairly recently and recommend including the software in your regular patching cycle and/or have users not using that software remove it from their systems,” Kandek said.

A good point is made, if you not using a particular piece of software then remove it.

Another point, JavaScript and Flash are known two ways to infect your computer. I block them by default and maintain a white-list of sites that I allow them to function.

• Disabling JavaScript and Flash for untrustworthy sites. This will help to reduce possible attack vectors for these Trojans, and hence reduce the possibility of you ever seeing ‘Your PC is infected with malicious software and browse couldn’t be launched’ on your browser. Most web browsers will allow you to disable these options by default.
• Keeping your web browser updated. Updates will often fix security loopholes that are exploited to force malicious security programs like Trojans onto your PC.
• Avoiding downloads of anti-virus or anti-spyware programs from non-reputable sources. Many rogue security programs are widely-distributed through generalistdownload storehouse websites, and most will even have their own professional-looking home websites. Verify the integrity of an anti-malware program through multiple sources, beforehand. I highly recommend ESET’s offering.

This entry was posted on Sunday, August 7th, 2011 at 19:18 by dsmith and is filed under Adobe Flash, Anti-virus, Apple, Attack, Browser, Bugs, Chrome, Firefox, Flaw, MacOS, Malware, Microsoft, Patch, Security, Virus, Vulnerability, Windows, Windows 7, Windows Vista, Windows XP. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.