Microsoft to release seven bulletins, three critical
Posted on 04 May 2012.
The Microsoft Security Bulletin Advance Notification for May 2012 contains 7 bulletins: three rated “critical” and the rest “important.” Just when most organizations and consumers have been fanning the flames of the first quarter, this serves notice that information security is a war and not a battle.

Bulletin 1 is a critical vulnerability in Microsoft Office. Since this bulletin is categorized as affecting Microsoft Office it's safe to say that this is a underlying issue on how it processes data. The vulnerability will likely be able to be exploited by crafting a malicious file that can be opened by any Microsoft Office applications.

This is becoming a recurring theme for organizations and end users because it's primed for phishing attacks. As we’ve learned over the past couple weeks, Mac users need to apply these patches as soon as possible as attackers are targeting them through Microsoft Office vulnerabilities.

Bulletins 2 & 3 are both rated as critical and affect all of Microsoft’s current operating systems, from Windows XP SP3 to Windows Server 2008. This means that all organizations and the entire user base will be affected by these critical bulletins. Bulletin 2 looks as if it can be exploited by crafting malicious Microsoft Office files, or perhaps crafting a malicious web page that would be processed by the vulnerable software, which is also likely the case with bulletin 3. Both of these critical bulletins would result in remote code execution if compromised.

Bulletins 4 & 5 are labeled as important, and would result in remote code execution if exploited. Both affect Microsoft Office applications. Labeling these bulletins as important indicates that an attacker will only inherit the permissions of the user. This means if a user is not an administrator, it's a somewhat lower risk. However, if a user has administrator privileges, these types of flaws can have the same impact as a critical rating.

Bulletins 6 & 7 are elevation-of-privilege vulnerabilities, meaning that a regular user can upgrade their privileges to administrator level with any valid login. An attacker uses privilege escalation exploits to entrench and further infiltrate organizations and consumers. These type of vulnerabilities would be chained to other attack vectors to be effective.


Author: Marcus Carey, security researcher at Rapid7.





Spotlight

The context-aware security lifecycle and the cloud

Posted on 25 November 2014.  |  Ofer Wolf, CEO at Sentrix, explains the role of the context-aware security lifecycle and illustrates how the cloud is shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Nov 26th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //