Thursday, July 12, 2012

Security patch time

It's the second Tuesday of the month (OK, OK, that was a couple days ago) and that means that Windows users need to get their monthly dose of Security Goodness via Windows Update.  This month is particularly important, because there's a Day Zero exploit circulating targeting a bug that Microsoft just patched:

Microsoft has patched an under-attack zero-day vulnerability in XML Core Services as part of the July edition of Patch Tuesday.

The critical security update (MS12-043) addresses a security flaw that has made its way into the Blackhole Exploit toolkit since its discovery last month. A further two critical updates cover a cumulative security update for Internet Explorer and a remote code execution flaw in MS Data Access Components (a part of Windows), respectively. The six other bulletins issued on Tuesday cover lesser security flaws.

...

Storms added that the IE patch is significant because it represents a step up in frequency for browser security updates from Microsoft.

Translation in plain English: get patching.  Windows 7 users can go to the taskbar "Show Hidden Icons" thingie, and will find Windows Update in that list.  Everyone can also take Internet Explorer (it has to be Microsoft's browser) to microsoft.com/security to hit the link on the left called Security Updates.

You want this one, folks, since it fixes a ton of other bugs and sets you up with a new updater to pull down new revoked security certificates.  It seems that certificate hacking is the new security hotness, so this seems pretty big.

4 comments:

  1. Already patched, but thanks for the heads up.

  2. Sweet and thanks for the plain English explanation:)

  3. I started seeing certificate hacks out in the wild a few weeks before MS announced it; including a server out in China spoofing as an MSUpdate server.

    They were even advertising BGP for an unused portion of an MS owned netblock.

    The only reason I knew they were illegit was because I was doing traffic analysis on a rootkitted machine, and it shouldn't have been contacting any MSupdate servers directly, so I chased it down.

  4. I keep on top of updates, and have ditched IE in favor of Firefox. My antivirus stays up to date and scans daily. I know way too many folks who don't bother with any of that, for some reason, even though it's mostly automated these days.
