Microsoft Issues Three Patches For Eight Vulnerabilities - InformationWeek
Software // Operating Systems
04:19 PM
Connect Directly
Free Yourself from Legacy Apps
Jun 08, 2017
They've served their purpose years ago, but now they're stretching your IT budget and increasing s ...Read More>>

Microsoft Issues Three Patches For Eight Vulnerabilities

A "critical" update resolves a vulnerability in the Windows kernel that could allow remote code execution if a user views a maliciously crafted EMF or WMF image file.

Microsoft on Tuesday released three Security Bulletins addressing eight separate vulnerabilities.

One bulletin is rated "critical" and two are rated "important."

MS09-006 ("critical") resolves a vulnerability in the Windows kernel. The flaw could allow remote code execution if a user views a maliciously crafted EMF or WMF image file.

MS09-007 ("important") addresses a vulnerability in the Secure Channel (SChannel) security package in Windows. If exploited, it could allow spoofing, provided the attacker gains access to an end-user authentication certificate.

MS09-008 ("important") fixes vulnerabilities in the Windows DNS server and Windows WINS server. If exploited, these vulnerabilities could allow network traffic hijacking.

As expected, Microsoft did not patch the Excel vulnerability disclosed last month.

John Moyer, CEO of BeyondTrust, said in an e-mail that organizations should be particularly vigilant about malware attempting to exploit the Excel vulnerability given that Excel is used more frequently during tax season.

Alfred Huger, VP of development at Symantec Security Response, warned in an e-mail that the Windows kernel vulnerability could allow an attacker to take over a victim's computer using an HTML e-mail or an e-mail attachment containing a .WMF or .EMF image file. He added that being on the lookout for these lesser-known file types may not help since it's possible to disguise .WMF and .EMF files as more common image formats like .JPG.

Eric Schultze, CTO of Shavlik Technologies, said in an e-mail that MS09-006 follows a long line of image vulnerabilities. "The flaw actually resides in the Windows kernel -- but is only exploited when managing the malformed pictures," he said. "All that the attacker needs to do is encourage a victim to view a specially formatted image and the attacker can run code on the victim's system. The evil code will execute with system privileges -- even if the user wasn't logged on as an administrator."

"MS09-006 is going to be a huge undertaking," said Paul Henry, security forensic analyst at Lumension, in an e-mail. "The broad platform impact of the bulletin suggests that core services of the Windows operating system are to be modified, rather than isolated application components. When working on the core infrastructure, it opens up other applications to potential risk, making a simple patch deployment impossible. To make sure this is secure, IT departments will have to reboot all Windows machines in the entire enterprise."

Is your vulnerability management program ready for 2009? You can't protect everything, so the key is to focus to reduce exposure. Download the report here.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of Data and Analytics
Today's companies are differentiating themselves using data analytics, but the journey requires adjustments to people, processes, technology, and culture. 
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll