Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • Development
    • Networking

    Microsoft Patch Tuesday Swats 23 Security Bugs, Including Duqu Exploit

    By
    Brian Prince
    -
    May 8, 2012
    Share
    Facebook
    Twitter
    Linkedin

      Microsoft released patches for 23 security vulnerabilities today as part of a busy Patch Tuesday that includes critical fixes for issues for Microsoft Windows, Silverlight, Microsoft Office and the .NET Framework.

      Of the seven bulletins, Microsoft recommends administrators turn their attention to two first: MS12-034 and MS12-029. Both bulletins are rated “critical,” address remote-code-execution issues and were given the highest rating on Microsoft€™s €œexploitability index.€ MS12-034, however, ties together 10 fixes across several product lines that were bundled together as part of an update meant to implement the final fixes on a vulnerability exploited by the notorious Duqu malware.

      Believed by many to be related to Stuxnet, Duqu was spotted in September exploiting a vulnerability affecting Microsoft Word. The company patched the bug with MS11-087, but other Microsoft products were discovered to contain the same vulnerability.

      €œAt first glance, MS12-034 may seem to be addressing a number of unrelated vulnerabilities in unrelated products,€ blogged Jonathan Ness, head of Microsoft€™s Security Response Center Engineering team. €œFor example, why would a keyboard layout handling vulnerability be addressed in the same update as a Silverlight issue? However €¦ we needed to address the font-parsing vulnerability (CVE-2011-3402) in a number of different products.€

      €œAs each new product was added to the security update package, the vulnerabilities planned-to-be-addressed in the same binary were also included,€ he continued. €œAddressing CVE-2011-3402 required us to service ogl.dll, gdiplus.dll, win32k.sys, Silverlight, .NET Framework, etc. Because gdiplus.dll was being addressed, several other fixes that were scheduled to be released in the same binary were looped in to this update.€

      €œIn a mixed bag of bulletins, MS12-034 stands out for its confusion factor,€ said Andrew Storms, director of security operations at nCircle.

      €œEvidently, Microsoft discovered that the same bits of bad code that were fixed in MS11-087 last year were copied and pasted into other applications, so they needed to fix those, too,€ he said. €œSince other changes were pending for those applications, all kinds of other bug fixes not related to Duqu are bundled into this bulletin €¦ Microsoft’s careful due diligence and adherence to their strict update processes may end up causing more confusion than clarity with this fix. It€™s probably best not to spend too much time analyzing€”just install the patch as soon as you can, and then move on.€

      MS12-029 should also garner attention, as it addresses a critical bug in Microsoft Office that could lead to remote-code execution if the victim opens or previews a malicious Rich Text Format (RTF) file using a vulnerable version of Microsoft Office.

      €œIn an email attack scenario, an attacker could exploit the vulnerability by sending specially crafted RTF-formatted data in the contents of an email message,€ Microsoft noted in its advisory. €œThe vulnerability could be exploited when the specially crafted RTF email message is previewed or opened in Outlook while using Microsoft Word as the email viewer. An attacker could also exploit the vulnerability by sending a specially crafted RTF file as an attachment and convincing the user to open the specially crafted RTF file.€

      In a Web-based attack scenario, €œan attacker could host a Website that contains an Office file that is used to attempt to exploit this vulnerability,€ according to Microsoft.

      The company is advising customers to apply MS12-029 as soon as possible.

      Also patched in the update are two critical vulnerabilities in the .NET Framework (MS12-035) that could enable an attacker to execute code if a victim views a specially crafted Webpage using a Web browser that can run XAML browser applications (XBAPs).

      €œThe .NET vulnerabilities are also prominent in this month€™s patches,€ said Joseph Chen, engineering director, security technology and response, at Symantec. €œExploits for this vulnerability are likely to be hosted as drive-by downloads on maliciously created or otherwise compromised Websites. So, as always, we strongly advise avoiding sites of unknown or questionable integrity, to protect from attacks seeking to use these security holes.€

      The remaining security bulletins are rated “important” and address issues in Microsoft Windows and Microsoft Office.

      Brian Prince

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×