Critical Patch Tuesday Pains I.T. Admins

Started by Sunite, November 20, 2007, 10:01:44 PM

Sunite

Critical Patch Tuesday Pains I.T. Admins
By Jennifer LeClaire
August 14, 2007 8:44AM

One source of pain for I.T. admins dealing with Microsoft's August Patch Tuesday set of updates is that all six critical patches require system reboots. Along with two of the important patches, the critical patches all address bugs that, if exploited, could allow remote code execution, giving hackers the ability to take over a machine.

Patch Tuesday is upon I.T. admins once again, but this month's update has headache written all over it, according to security analysts. Microsoft is issuing nine patches, six of them rated "critical" and three rated "important." The patches will plug holes in Windows, Office, Internet Explorer, Windows Media Player, and Virtual PC.

Although this is not Microsoft's biggest Patch Tuesday in terms of number of updates, the details of the patches indicate a broad spectrum of exposure, according to Paul Zimski, senior director of Market and Product Strategy for PatchLink.

"This is a target-rich environment for hackers," Zimski said. "Organizations need to remediate these vulnerabilities as quickly as possible to avoid falling victim to quick turnaround exploits."

Hacker Heaven

One source of pain for I.T. admins is that all six critical patches require system reboots. Along with two of the important patches, the critical patches all address vulnerabilities that, if exploited, could allow remote code execution, giving hackers the ability to take over a machine.

"This creates a nightmare scenario, and is not far off from complete administrator access -- the favorite attack vector," Zimski said.

One of the six critical patches not only affects Microsoft Office running on several flavors of Windows, but also affects Office 2004 for Mac. This type of vulnerability is part of an alarming trend, according to Zimski.

"There is an increasing number of attacks occurring at the application layer, illustrating the need for a cross-platform vulnerability management strategy," Zimski said. "Only paying attention to Microsoft -- no matter how serious this round of patches may be -- does not promote a secure foundation," he added. "Organizations must be vigilant across all their applications and operating systems."

Mislabeled Vulnerabilities?

Some security researchers are insisting that at least one of the patches Microsoft has labeled "important" should be treated as critical. The patch in question is for Windows Media Player.

"This is only given a rating of 'important' because it requires some form of user interaction, but many users browsing the Internet are viewing media. Even if an organization blocks certain Web sites or active content, they typically don't block streaming media, which could easily trick users into compromise if this vulnerability is exploited," Zimski said.

As part of the patch rollout, Microsoft is releasing an updated version of the Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. Microsoft is also releasing other nonsecurity, high-priority updates on Microsoft Update and Windows Server Update Services.