Gladiator Research and Security

Microsoft has announced five new patches today, including three that could allow remote code execution.  All five patches are rated Important by Microsoft and affect Microsoft Windows, Office, and Server software.  Despite the Important rating, Gladiator recommends you apply MS11-071, MS11-072, and MS11-073 due to the risk of remote code exploitation.  Detailed information regarding the patches can be found in Microsoft’s September Security Bulletin.  Summary information is included below:

Microsoft has announced thirteen new patches today to fix twenty vulnerabilities, including four that could allow remote code execution. Two patches are rated Critical by Microsoft and affects Microsoft Windows and Microsoft Internet Explorer. Nine other patches are rated Important by Microsoft and affects Microsoft Windows, Microsoft Office and Microsoft .NET Framework and Developer Tools. Gladiator recommends that users with impacted systems apply all Critical patches immediately. Detailed information regarding the patches can be found in Microsoft’s August Security Bulletin. Summary information is included below:

Lately, with the latest outbreak of malware mostly targeting user applications, I have been discussing the patching process with several IT administrators.  Frequently I will hear, “We don’t need to worry about patching, that is what WSUS (Windows System Update Services) is for.”  We agree that WSUS is a wonderful and easy process for updating your Microsoft components, but there are other applications on workstations and servers that need  critical security updates.  These updates can be performed manually, or could be included into third party patching software, like Lumension (formerly PatchLink).

Microsoft has announced four new patches today to fix 22 vulnerabilities.  One patch is rated Critical by Microsoft and affects Microsoft Windows.  The three other patches are rated Important by Microsoft and affect Microsoft Windows and Microsoft Office.  Gladiator recommends that users with impacted systems apply all patches immediately. Detailed information regarding the patches can be found in Microsoft’s July Security Bulletin. 

Microsoft has announced 16 new patches today to fix 16 vulnerabilities, including nine that could allow remote code execution.  Eight patches are rated Critical by Microsoft and affect Microsoft Windows, Microsoft Internet Explorer, and Microsoft Silverlight.  The seven other patches are rated Important by Microsoft and affect Microsoft Windows, Microsoft Visual Studio, and Microsoft Office.  Gladiator recommends that users with impacted systems apply all Critical patches immediately. Detailed information regarding the patches can be found in Microsoft’s June Security Bulletin.  Summary information is included below:

Microsoft has announced 2 new patches today to fix vulnerabilities with Microsoft Windows and Microsoft Office.  One patch is rated Critical by Microsoft and affects Microsoft Windows.  The other patch is rated Important by Microsoft and affects Microsoft Office.  Gladiator recommends that users with impacted systems apply both patches immediately. Detailed information regarding the patches can be found in Microsoft’s May Security Bulletin.

Microsoft has announced 17 new patches today to fix 64 vulnerabilities across Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework, and GDI+.  Nine patches are rated Critical by Microsoft and affect Microsoft Windows, Office, and Internet Explorer.  The eight other patches are rated Important by Microsoft and affect Microsoft Windows, Microsoft Office, and Microsoft Developer Tools and Software.  Gladiator recommends that users with impacted systems apply all Critical patches immediately. Detailed information regarding the patches can be found in Microsoft’s April Security Bulletin.