September's Microsoft Patch Tuesday preview is shaping up to be a fairly simple one, with only two bulletins in a list that is usually much longer. Both are rated as "important" and relate to privilege escalation vulnerabilities, which usually implies that the attacker already has some malware on the system in order to conduct the exploit.
The first bulletin is believed to impact FoxPro, requiring the installation of Microsoft Visual Studio Team Foundation Server 2010 Service Pack 1. The second bulletin is believed to be aimed at System Management Server and the installation of a new service pack.
"They are not high profile and the severity is not high," said Wolfgang Kandek, CTO of Qualys. "But you still have to be attentive. You need to have a good inventory of the software that's actually installed on your enterprise. FoxPro is a little bit more likely to escape the attention of an IT administrator. But, the System Management Server is not likely to slip through the cracks."
Meanwhile, Alex Horan, senior product manager at Core Security, warns that cyber criminals often take advantage of low-intensity vulnerabilities that IT administrators and channel partners may be slow to patch.
"In terms of deployment, it just means that you're touching fewer servers, which from an administrator standpoint is a good thing," he said. "A lot of people don't put a high priority on elevation of privilege vulnerabilities, but they truly are a big deal because people usually take longer to patch them, and it's relatively easy to trick someone into running something for you that opens up an opportunity. So as an attacker, a privilege escalation vulnerability is pretty useful."


