Microsoft’s Patch Tuesday for this week has been the largest ever from the company. 13 security bulletins addressing 34 vulnerabilities were released. 22 of these vulnerabilities were considered critical. Microsoft has never addressed so many in a single month. The previous record, set in June, was only 31.
Included in the most recent Patch Tuesday, were patches for two vulnerabilities previously made public: one in Server Message Block Version 2 (SMBv2) and the other in Internet Information Services.
Security company Symantec has shared its views on this Patch Tuesday, which are quite positive. “We’re pleased that Microsoft released a patch for the SMBv2 vulnerability,” said Ben Greenbaum, senior research manager, Symantec Security Response. “The vulnerability was made public last month. We’ve yet to see a highly reliable exploit for it. Although we have seen limited attempts to exploit this vulnerability, we’re glad to see this fixed before widespread attacks occur.”
In addition, Microsoft also released the first security update for the release-to-manufacturing version of Windows 7. “The update that addresses vulnerabilities in Windows 7 relates to the Active Template Library issues Microsoft has been working on for a number of months now,” said Greenbaum. “It essentially disables additional faulty ActiveX controls created using the library that have been distributed across Windows users’ machines.”
Symantec says the vulnerabilities addressed in Internet Explorer and the GDI+ graphics library (what Windows uses to determine how to interact with certain graphics files that users encounter during everyday computer use) are serious too.
“The primary danger the GDI+ graphics library and Internet Explorer vulnerabilities pose is that these vulnerable components are present on the majority of Windows machines,” said Greenbaum. “Many of the issues addressed today are fairly trivial to exploit. For example, via a drive-by-download style attack. In that case, all a computer user would have to do to become infected by an attack using one of these vulnerabilities is unsuspectingly visit a compromised Web site.”
Needless to say, Symantec is strongly encouraging users to take advantage of these latest patches from Microsoft. They are also encouraging people in general, to regularly install vendor patches as soon as they are available, consider implementing an automated patch management solution, run all software with the least privileges required while maintaining functionality, and other basic security best practices.
