Microsoft Security Bulletin MS07-061 describes a publicly reported flaw in the way the Windows shell handles Uniform Resource Identifier (URI) strings. An attacker exploiting this vulnerability could execute arbitrary code on the affected system.
Eric Schultze, chief technology officer of St. Paul, Minn.-based Shavlik Technologies, said that it's a light month for patches but welcomed the URI fix. "A very critical patch was released," he said. "This patch addresses a security issue that's being actively exploited on the Internet. So it's important to get this patched immediately."
Microsoft Security Bulletin MS07-062 describes a vulnerability in Windows DNS Servers that could allow an attacker to spoof DNS requests and thereby redirect Internet traffic from legitimate sites.
The affected Microsoft operating systems include certain versions of Windows XP and Windows Server 2003. The spoofing vulnerability also affects Windows 2000 Server Service Pack 4.
In an e-mailed statement, Ben Greenbaum, senior research manager at Symantec Security Response said, ""We find the DNS spoofing issue to be of interest as well because it could allow, for example, attackers to send victims to a phishing site without the use of a phishing e-mail as bait."
However, Schultze said that for most of the world, this is a non-issue. "If you're a DNS administrator then it should be your top priority to get this patch installed," he said, even if the associated attack is beyond the means of the typical script kiddie.
Microsoft also re-released Microsoft Security Bulletin MS07-049 to address problems some people were having with the installer.
Finally, Microsoft said that a patch addressing a flaw in a Macrovision driver was available at the vendor's site. "As your probably also aware we recently released Security Advisory 944653 regarding a vulnerability in secdrv.sys, a SafeDisc driver, which is made by Macrovision and shipped in certain versions of Microsoft Windows," the company said on the Microsoft Security Response Center blog. "Macrovision has also released an Advisory and posted a manual patch to update the system driver, secdrv.sys, on Window XP and Windows Server 2003 systems, which is available at [Macrovision's site]. It's important to note that Microsoft Windows Vista is not affected by this vulnerability."
"I would not be shocked to see Microsoft release the patch later this month as an out-of-band release," Schultze said.
Despite the light patch-related workload this month, Schultze warned against complacency. "Consider it the calm before the storm," he said. "We don't know when the storm is coming but there's sure to be one."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.