Links
March Patch Tuesday
Microsoft has announced three new patches for its monthly release cycle. One patch is rated critical, and affects both server and client operating systems. This patch covers a remote code execution vulnerability, and should be patched as soon as possible. The other two patches are rated important, and only affect servers. These vulnerabilities could allow spoofing, but not remote code execution. Detailed information for the patches can be found in Microsoft’s March Security Bulletin and at SANS Internet Storm Center. Summary information is included below:
- Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (MS09-006) – This vulnerability affects all versions of Windows, and is rated Critical by Microsoft. The exploitability index is, at most, a 2 (inconsistent exploit code likely). This replaces MS08-061.
- Vulnerability in SChannel Could Allow Spoofing (MS09-007) – This vulnerability affects servers using SSL and TLS. Clients can impersonate a server with knowledge of the public key only. The exploitability index is a 2.
- Vulnerabilities in DNS and WINS Server Could Allow Spoofing (MS09-008) – This vulnerability affects servers running DNS and WINS. Details for exploiting some of the vulnerabilities fixed in this patch are already public.
Gladiator recommends that users patch their systems quickly for MS09-006, as exploit code is possible.
Related Links:
- Microsoft Security Bulletin (https://www.microsoft.com/technet/security/bulletin/ms09-mar.mspx)
- Microsoft Advisory MS09-006 (http://www.microsoft.com/technet/security/bulletin/MS09-006.mspx)
- Microsoft Advisory MS09-007 (http://www.microsoft.com/technet/security/bulletin/MS09-007.mspx)
- Microsoft Advisory MS09-008 (http://www.microsoft.com/technet/security/bulletin/MS09-008.mspx)
- SANS ISC Diary Entry (http://isc.sans.org/diary.html?storyid=5995)