Risk
4/7/2011
10:44 PM
50%
50%

Microsoft’s Massive April Patch Tuesday

Many security teams may wish it was March once again. Last month Microsoft issued patches for just four vulnerabilities within three security bulletins.

This Tuesday won’t be nearly so tame. The company plans to release 17 separate bulletins that will fix 64 specific security related software flaws, according to its April Advanced Security Bulletin Notice.

Nine of these bulletins are ranked "critical," the company’s most severe rating. These flaws can be remotely exploited, which is what makes them so troublesome. The flaws affect Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework, and GDI+.

From the Microsoft Security Response Center:

This month we'll be closing some issues that Microsoft has already previously spoken to, including the SMB Browser (Critical) issue publicly disclosed Feb. 15. Microsoft assessed the situation and reported that although the vulnerability could theoretically allow Remote Code Execution, that was extremely unlikely. To this day, we have seen no evidence of attacks.

We are also planning a fix for the MHTML vulnerability in Windows, rated Important. We alerted people to this issue with Security Advisory 2501696 (including a Fix-It that fully protected customers once downloaded) back in late January. In March, we updated the advisory to let people know we were aware of limited, targeted attacks.

As always, Microsoft will host a webcast on Wednesday, April 13 where more details about the bulletins will be discussed.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0547
Published: 2015-07-04
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

CVE-2015-0548
Published: 2015-07-04
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

CVE-2015-4196
Published: 2015-07-04
Platform Software before 4.4.5 in Cisco Unified Communications Domain Manager (CDM) 8.x has a hardcoded password for a privileged account, which allows remote attackers to obtain root access by leveraging knowledge of this password and entering it in an SSH session, aka Bug ID CSCuq45546.

CVE-2015-4525
Published: 2015-07-04
The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors.

CVE-2015-4231
Published: 2015-07-03
The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report