Risk
4/7/2011
10:44 PM
Connect Directly
RSS
E-Mail
50%
50%

Microsoft’s Massive April Patch Tuesday

Many security teams may wish it was March once again. Last month Microsoft issued patches for just four vulnerabilities within three security bulletins.

This Tuesday won’t be nearly so tame. The company plans to release 17 separate bulletins that will fix 64 specific security related software flaws, according to its April Advanced Security Bulletin Notice.

Nine of these bulletins are ranked "critical," the company’s most severe rating. These flaws can be remotely exploited, which is what makes them so troublesome. The flaws affect Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework, and GDI+.

From the Microsoft Security Response Center:

This month we'll be closing some issues that Microsoft has already previously spoken to, including the SMB Browser (Critical) issue publicly disclosed Feb. 15. Microsoft assessed the situation and reported that although the vulnerability could theoretically allow Remote Code Execution, that was extremely unlikely. To this day, we have seen no evidence of attacks.

We are also planning a fix for the MHTML vulnerability in Windows, rated Important. We alerted people to this issue with Security Advisory 2501696 (including a Fix-It that fully protected customers once downloaded) back in late January. In March, we updated the advisory to let people know we were aware of limited, targeted attacks.

As always, Microsoft will host a webcast on Wednesday, April 13 where more details about the bulletins will be discussed.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3562
Published: 2014-08-21
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

CVE-2014-3577
Published: 2014-08-21
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-...

CVE-2014-5158
Published: 2014-08-21
The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary commands via unspecified vectors.

CVE-2014-5159
Published: 2014-08-21
SQL injection vulnerability in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary SQL commands via the ws_data parameter.

CVE-2014-5210
Published: 2014-08-21
The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) remote_task or (2) get_license request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.