Links
Patch Tuesday
Microsoft’s Patch Tuesday has arrived, and there are two new security patches available. And although only a couple of patches were released, patching this month is just as important as ever. The first patch deals with a critical flaw in the XML Core services, which are called by Internet Explorer. This vulnerability could allow remote code execution. The second patch deals with the Server Message Block (SMB) protocol, used for file sharing in Windows. This patch is rated “important” by Microsoft, and could also result in remote code execution. Both patches are listed as “exploitable” by Microsoft. The patches are more critical on client workstations than servers, since they affect client programs such as web browsers. Gladiator recommends you install these patches during your standard release cycle.
Reference Links:
- SANS Black Tuesday Overview (http://isc.sans.org/diary.html?storyid=5330)
- Microsoft Security Bulletin (http://www.microsoft.com/technet/security/bulletin/MS08-nov.mspx?pubDate=2008-11-11)