Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us


    System administrators are in for a light Patch Tuesday this month as Microsoft released only four bulletins in its monthly security update.

    The Microsoft Security Bulletin Summary for November 2011 tackles and addresses multiple vulnerabilities in Microsoft Windows. According to the notice, one of the bulletins is rated “critical”, while two are rated “important” and remaining one is rated “moderate.”

    Majority of the bulletins apply to newer versions of Windows and require a reboot. The critical bulletin only affects Windows Vista, Windows 7, and Windows 2008 Server R2.

    This Patch Tuesday gave a break to many IT administrators, however the real question on everyone’s mind is zero-day vulnerability related to DUQU. The vulnerability is exploited through a malicious Microsoft Word document. When opened, a zero-day kernel vulnerability is taken advantage of to execute malicious code. Microsoft did not release a patch in this cycle but has already issued a temporary fix for the exploit found here. The advisory provides a workaround by disabling the rendering of embedded TrueType fonts.

    Additionally, Microsoft also raised their concern on the exploitability of MS11-083, giving it an Exploitability Index of “2″. They gave several scenarios wherein the vulnerability is exploited, and eventually used to achieve remote code execution.

    Users are advised to immediately download and apply these patches as soon as possible. For more information regarding this month’s Patch Tuesday release, visit the Trend Micro security advisory page.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice