Microsoft Patch Tuesday Roundup - April 2011
It's very exciting (depending on your perspective) when there is a record-breaking Microsoft Patch Tuesday! April 2011 is the largest Patch Tuesday release in history, with 17 bulletins covering 64 different vulnerabilities across several products. While everyone is beating the "Microsoft Patch Tuesday Crisis Drum", attackers are continuing to have success breaking into major organizations using the "exploit du jour", some social engineering methods or a combination of both.
What I would like to suggest is a weekly, or even daily, "patch rally". Patching needs to be an ongoing process of checking to see if patches are available, applying the patches, and then verifying that the patches have been applied and installed properly. I don't think we need to "take time to stop and patch"; we just need to patch as a normal, everyday, regular business operation. It's sad that we have to install more software to fix broken software, but it has become the way of the IT world. If your business cannot sustain being patched, the you've probably chosen the wrong software and configurations and your business will likely be negatively affected. The negative effects happen in two ways: 1) you install the patches and your system and/or software fails as a result of a bug in either the software or the software patch or 2) you don't apply the patch and attackers compromise the system and ruin the integrity of the system and the data contained therein. So, hence my cry to "rally to the patch"!
To further aid in your efforts to evaluate the exposures presented by the vulnerabilities addressed by Microsoft’s Patch Tuesday, Tenable's Research team has published Nessus plugins for each of the security bulletins issued this month:
- MS11-018 - Cumulative Security Update for Internet Explorer - Nessus Plugin ID 53375 (Credentialed Check)
- MS11-019 - Vulnerabilities in SMB Client Could Allow Remote Code Execution - Nessus Plugin ID 53376 (Credentialed Check)
- MS11-020 - Vulnerability in SMB Server Could Allow Remote Code Execution - Nessus Plugin ID 53377 (Credentialed Check)
- MS11-021 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Nessus Plugin ID 53378 (Credentialed Check)
- MS11-022 - Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Nessus Plugin ID 53379 (Credentialed Check)
- MS11-023 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Nessus Plugin ID 53380 (Credentialed Check)
- MS11-024 - Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution - Nessus Plugin ID 53381 (Credentialed Check)
- MS11-025 - Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution - Nessus Plugin ID 53382 (Credentialed Check)
- MS11-026 - Vulnerability in MHTML Could Allow Information Disclosure - Nessus Plugin ID 53383 (Credentialed Check)
- MS11-027 - Cumulative Security Update of ActiveX Kill Bits - Nessus Plugin ID 53384 (Credentialed Check)
- MS11-028 - Vulnerability in .NET Framework Could Allow Remote Code Execution - Nessus Plugin ID 53385 (Credentialed Check)
- MS11-029 - Vulnerability in GDI+ Could Allow Remote Code Execution - Nessus Plugin ID 53386 (Credentialed Check)
- MS11-030 - Vulnerability in DNS Resolution Could Allow Remote Code Execution - Nessus Plugin ID 53387 (Credentialed Check)
- MS11-031 - Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution - Nessus Plugin ID 53388 (Credentialed Check)
- MS11-032 - Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution - Nessus Plugin ID 53389 (Credentialed Check)
- MS11-033 - Vulnerability in WordPad Text Converters Could Allow Remote Code Execution - Nessus Plugin ID 53390 (Credentialed Check)
- MS11-034 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege - Nessus Plugin ID 53391 (Credentialed Check)
Resources
Related Articles
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
November 22, 2024Don’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against cyberattacks.
Active Directory Under Attack: Five Eyes Guidance Targets Crucial Security Gaps
November 21, 2024A landmark global report from cybersecurity agencies emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the first of our two-part series, we offer five steps you can take today to shore up your AD defenses.
Five Cyber Agencies Sound Alarm About Active Directory Attacks: Beyond the Basics
November 21, 2024A landmark global report emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the second of our two-part series, we take you beyond the basics to highlight three key areas to focus on.
- Patch Auditing