Page 2 of 2
After the IE9 patch, Lumension's Henry points to a TrueType font issue as the second most important item on the list. "There are three vulnerabilities here, the worst of which is a remote code execution," he said. "The problem is that this exploit renders at the kernel level. So if the bad guy can get that, particularly TrueType Font, and build it into an exploit, he can get root. So this is absolutely a high priority because it could be remote code executable."
"There is also a theoretical possibility that one can exploit this through third-party browsers or other third-party software," added Andrew Storms, director of security operations at nCircle.
Another patch is tied to Briefcase, a program that is no longer in wide use. "If you are using Briefcase, this should definitely be a concern," said Henry. "It's both ugly and critical, and it affects XP all the way through Windows 7. Briefcase allows you to sync files across your laptop and your desktop. But if you've mapped to a vulnerable or malicious briefcase, remote code could execute on the machine from which you have mapped."
"The briefcase vulnerability is very difficult to execute," said Miller. "It's going to be a man-in-the-middle attack. They need to get somewhere on your network in order to gain access to this. But, Briefcase is not all that common anymore."
Other patches for November include protections against remote code executions in Windows Shell and .Net, as well as a fix to a potential information disclosure breach in Microsoft Internet Information Service (IIS).