Risk
4/7/2011
10:44 PM
50%
50%

Microsoft’s Massive April Patch Tuesday

Many security teams may wish it was March once again. Last month Microsoft issued patches for just four vulnerabilities within three security bulletins.

This Tuesday won’t be nearly so tame. The company plans to release 17 separate bulletins that will fix 64 specific security related software flaws, according to its April Advanced Security Bulletin Notice.

Nine of these bulletins are ranked "critical," the company’s most severe rating. These flaws can be remotely exploited, which is what makes them so troublesome. The flaws affect Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework, and GDI+.

From the Microsoft Security Response Center:

This month we'll be closing some issues that Microsoft has already previously spoken to, including the SMB Browser (Critical) issue publicly disclosed Feb. 15. Microsoft assessed the situation and reported that although the vulnerability could theoretically allow Remote Code Execution, that was extremely unlikely. To this day, we have seen no evidence of attacks.

We are also planning a fix for the MHTML vulnerability in Windows, rated Important. We alerted people to this issue with Security Advisory 2501696 (including a Fix-It that fully protected customers once downloaded) back in late January. In March, we updated the advisory to let people know we were aware of limited, targeted attacks.

As always, Microsoft will host a webcast on Wednesday, April 13 where more details about the bulletins will be discussed.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-3308
Published: 2015-09-02
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.

CVE-2015-4330
Published: 2015-09-02
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556.

CVE-2015-6274
Published: 2015-09-02
The IPv4 implementation on Cisco ASR 1000 devices with software 15.5(3)S allows remote attackers to cause a denial of service (ESP QFP CPU consumption) by triggering packet fragmentation and reassembly, aka Bug ID CSCuv71273.

CVE-2015-6277
Published: 2015-09-02
The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote...

CVE-2015-6587
Published: 2015-09-02
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.