Nothing Pretty About Fireworks This Patch Tuesday

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Nothing Pretty About Fireworks This Patch Tuesday-7 Next

MS13-058 is the sole important bulletin in this batch. It’s an elevation of privilege issue affecting Windows Defender, which is Microsoft’s built-in security system. While it’s less worrisome than the other bulletins because it’s ranked important, it is still concerning in that it directly impacts the security system for the machine. Windows Defender is also free software, making it very widely used. If an attacker got in as a low-rights user and then used this bulletin to up their privilege level to admin, the impact would in fact be critical. Henry would rank this high in the priority list for that reason.

Threat: Important - Elevation of privilege
Restart: Not required
Affected software: Microsoft Security Software

IT admins may have taken the Fourth off to enjoy some fireworks, but they’ll be very busy this week patching their systems. It’s not a pretty Patch Tuesday this month with seven bulletins, six of which are critical. That brings our total of critical bulletins for the year to 22, which is fairly high, considering Microsoft released only 34 critical bulletins for the entire calendar year of 2012. July is one of the uglier releases we’ve seen from Microsoft this year. To say that all Microsoft products are affected and everything is affected critically is not an overstatement. It’s difficult to prioritize one or two because all the bulletins likely need your attention this Patch Tuesday.

While there may be speculation the extensive release is due to Microsoft’s bug bounty program, Paul Henry, security and forensic analyst at Lumension, believes that’s unlikely. Since the announcement of the program took most security researchers by surprise, it will likely be a few months before we really see the effects of the program. That said, he does expect to see the number of bulletins Microsoft issues increase over the second half of this year.

Microsoft has long resisted implementing a bug bounty program, which other vendors have found success with. The start of the program will likely increase the number of bulletins we see over time, but in the long run, will ensure that Microsoft products are more secure. It will also help motivate researchers to improve their disclosure with Microsoft over other sources that purchase vulnerabilities, which includes bad guys. This ensures Microsoft will be aware of vulnerabilities more quickly and we won’t see as many bugs being exploited in the wild before Microsoft is ready to release a patch.

All six of the critical bulletins this month are remote code execution vulnerabilities, which Henry finds concerning. Since these types of vulnerabilities give attackers access to your machine without needing physical access or sometimes even a password, it’s definitely a cause for concern.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.