Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Cisco Partner Summit Digital 2020 Lenovo Tech World Newsroom HPE Zone The Business Continuity Center Masergy Zenith Partner Program Newsroom Dell Technologies Newsroom Fortinet Secure Network Hub Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom The IoT Integrator Lenovo Channel-First NetApp Data Fabric Intel Tech Provider Zone

Microsoft Releases Critical Patch For Vista, Windows 7

Microsoft has released four patches, one critical, but has yet to provide a permanent fix for the vulnerability exploited by the infamous Duqu Trojan.

The latest Patch Tuesday release, typically on the second Tuesday of every month, did not contain a fix for the vulnerability exploited by Duqu, a data-gathering Trojan reported last month that experts believe was created for industrial cyber-espionage. Microsoft released a temporary fix last week for the previously unknown Windows flaw.

The only critical fix in the latest release is MS11-083, which lets a hacker execute code through the TCP/IP stack of Vista, Windows 7 or Windows Server 2008.

"We estimate an attack attempting to leverage it would take a considerable amount of time; perhaps four to five hours to complete a single attack," Joshua Talbot, security intelligence manager at Symantec, said in a statement. "However, if an attacker can pull it off, the result would be a complete system crash or compromise, if the attacker develops a reliable means of exploitation."

The difficulty in attacking the flaw led Microsoft to give it an exploitability rating of 2. A rating of 5 is considered most dangerous.

One other vulnerability, MS11-085, could also enable the execution of malicious code. Rated as important, the flaw is in Windows Mail and Meeting Space in Vista, Windows Server 2008 and Windows 7.

Also rated important is MS11-086, a vulnerability in Active Directory that a hacker could use to obtain a revoked certificate and use it to gain network access. The flaw was the only one that affected Windows XP and Windows Server 2003, as well as the newer OSes. The lowest rating, moderate, was given to MS11-084, which could allow a denial of service attack, if a person opened a modified TrueType font file sent as an e-mail attachment. The vulnerability is in Windows 7 and Windows Server 2008.

Microsoft said last week that this month's patch release would not include a permanent fix for Windows vulnerability used by Duqu. The flaw is in the Win32k TrueType font parsing engine, where it can be used to run code in kernel mode, the company says. Such access could enable an attacker to install programs, change or delete data, or create new user accounts with full rights to a system. Microsoft released a temporary fix for the Windows flaw and said a permanent one would be available later. No date was given.

Duqu holds similarities to the Stuxnet worm that damaged the control systems in Iran's nuclear facility. Experts disagree over whether Duqu was written by the same team of hackers.

Back to Top



trending stories

sponsored resources