The SANS 'Securing Windows with the Critical Security Controls' course (SEC505) will be offered at the December conference in Washington DC.
It's Back To School - With An Exceptionally Light Patch Tuesday
This Patch Tuesday is a welcome light one, with only a single critical issue in the cumulative update for Internet Explorer and only three important issues. Back in September 2013 we saw a much larger IT workload with 13 bulletins — 4 critical and 9 important.
Looking at the details this Patch Tuesday, MS14-052 is the cumulative update for Internet Explorer. It is rated Critical and handles mitigations for 37 CVE-related issues. Microsoft has recently updated their Exploitability Index and indicates that, for this Internet Explorer patch, Microsoft has seen exploits; hence this patch is a very high priority for most environments.
August Patch Tuesday is a Big Win for IE
This Patch Tuesday handles 2 Critical and 7 Important issues. The good news is that 28 CVE-related issues for Internet Explorer have been addressed, including CVE-2014-2817 (attacks seen in the wild) and CVE-2014-2819 (publicly reported). The balance of the IE issues were privately reported and have not seen active attacks. Lastly for Internet Explorer, Microsoft is also now blocking out-of-date ActiveX controls.
Summary of Bulletins:
- MS14-043 mitigates a Critical issue in Windows Media Center that could allow Remote Code Execution. The vulnerability could be taken advantage of with a specially crafted Office document sent via email. The patch addresses 1 CVE-related issue.
- MS14-044 Mitigates an
July Patch Tuesday Brings 6 Bulletins Addressing 29 CVEs
This Patch Tuesday we have 6 bulletins — 1 Moderate, 3 Important and 2 Critical. While July's patches address 29 CVE issues, none are reportedly being used in the wild. Several issues reported during the Pwn2Own hacking contest are corrected this Patch Tuesday.
Looking at the details:
- MS14-037 is a Cumulative Security Update for IE. It is rated critical and mitigates 24 CVE issues. Only 1 was reported publicly and it addresses a certificate handling issue.
- MS14-038 mitigates a Critical issue in Windows Journal that could allow a Click2Pwn exploit. This patch mitigates 1 CVE-related issue.
- MS14-039 is an Important issue that mitigates a vulnerability in the On-Screen Keyboard that could allow an
June Patch Tuesday Brings 7 Bulletins Addressing 66 CVEs
Good News Is - None Are Being Used In Active Attacks
This Patch Tuesday we have 7 bulletins — 5 Important and 2 Critical. While June's patches address 66 CVE issues, none are reportedly being used in the wild. In fact, only two of the 66 CVEs were publicly disclosed.
Looking at the details:
- MS14-030 is an Important issue in Remote Desktop that could allow Tampering. This patch mitigates 1 CVE-related issue.
- MS14-031 is an Important issue in the TCP Protocol that could allow a Denial of Service. This patch mitigates 1 CVE-related issue.
- MS14-032 is an Important issue in Lync Server that could allow Information Disclosure. This patch mitigates 1 CVE-related issue.