As previously announced in the Microsoft Security Bulletin Advance Notification released last week, this month’s patch cycle includes 13 bulletins intended to patch 26 vulnerabilities in several versions of Windows OS and Office. The record release is a far cry from last month’s lone patch.
The long list includes five bulletins rated “critical,” which specifically patch nine vulnerabilities that could lead to remote code execution. Unless patched, an attacker could exploit any of the said vulnerabilities to gain control of the user’s system. Most notable on the list is MS10-013, which could give an attacker complete control of an affected system. Considering the damage that exploiting this vulnerability could cause, it is very important that users patch their systems as soon as possible.
The February release also includes seven bulletins rated “important” and one rated “moderate.” It is also important to note the addition of MS10-015 to the list, which addresses the so-called 17-year-old hole described in Security Advisory 979682. However, Microsoft reiterates that while it is aware of publicly available proof-of-concept (POC) code for the issue, it has yet to see any active exploits. More information on the complete list of security advisories can be found in this Trend Micro Security Advisory page.
Coinciding with this month’s release is yet another FAKEAV variant detected by Trend Micro as TROJ_FAKEAV.BLJ, this FAKEAV incidentally purports to be a Windows Automatic Update that supposedly installs a Windows XP update. It then proceeds to use the same old scareware tactics that warn users of bogus system infections. Users are thus advised to download security updates only from the official Microsoft Security Bulletin page.
Trend Micro™ Smart Protection Network™ protects users from this threat by detecting and preventing the download of harmful codecs and malicious files such as TROJ_FAKEAV.BLJ.
Even non-Trend Micro product users can stay protected via HouseCall, Trend Micro’s free on-demand scanner that identifies and removes viruses, Trojans, worms, unwanted browser plug-ins, and other malware from infected systems.
Update as of February 1, 2010, 9:06 p.m. (GMT +8:00):
Microsoft has released an official statement concerning restart issues that some users are currently experiencing after installing this month’s patch updates. Specifically, initial analysis suggests that a limited number of users encounter a blue screen after installing MS10-015. As the Microsoft team continues to conduct tests, they have temporarily stopped offering the Windows Update. However, a workaround has been made available with a Microsoft Fix.