Patch Tuesday Closes Zero Day

Tuesday, July 10, 2012 @ 05:07 PM gHale


Microsoft closed the zero-day vulnerability under attack for the past month as part of its monthly Patch Tuesday release.

The company released nine security bulletins addressing 16 vulnerabilities, of which three were critical, according to its July Patch Tuesday advisory. The remaining six rated “important.”

RELATED STORIES
Microsoft FixIt For XML Hole
Attack: IE Zero Day
RTFs Fall Victim to APTs
Microsoft Adjusts as Duqu Lingers

All three critical patches address issues where a victim could suffer an exploit if they visit malicious Web pages, said Marcus Carey, a security researcher at Rapid7. Two of the important patches fixed bugs that could be vulnerable to spearing phishing attacks, Carey said.

The zero-day vulnerability in Microsoft Core XML (MS12-043) disclosed in early June was undergoing active exploitation. The latest security update only fixed the heap overflow issue in MSXML versions 3, 4, and 6. Organizations running version 5, which corresponds to Office 2003 and 2007, should make sure to apply the interim FixIt measures until a future update is available. Microsoft has not see active exploits on the other two critical vulnerabilities, but officials predicted reliable exploit code could be out there within 30 days.

The cumulative security update for Internet Explorer (MS12-044) patched two remote code execution vulnerabilities that only affected Internet Explorer 9. Since earlier versions did not suffer from the vulnerability, it looks like the bugs came in with the new code in version 9. The other critical bulletin (MS12-045) fixed issues in Microsoft Data Access Components (MDAC). The vulnerability could compromise any Web application using MDAC if the user visits a malicious URL, Carey said.

Exploits targeting these vulnerabilities will likely soon appear in crimeware kits, Carey



Leave a Reply

You must be logged in to post a comment.