Microsoft Patch Tuesday Roundup - April 2011
It's very exciting (depending on your perspective) when there is a record-breaking Microsoft Patch Tuesday! April 2011 is the largest Patch Tuesday release in history, with 17 bulletins covering 64 different vulnerabilities across several products. While everyone is beating the "Microsoft Patch Tuesday Crisis Drum", attackers are continuing to have success breaking into major organizations using the "exploit du jour", some social engineering methods or a combination of both.
What I would like to suggest is a weekly, or even daily, "patch rally". Patching needs to be an ongoing process of checking to see if patches are available, applying the patches, and then verifying that the patches have been applied and installed properly. I don't think we need to "take time to stop and patch"; we just need to patch as a normal, everyday, regular business operation. It's sad that we have to install more software to fix broken software, but it has become the way of the IT world. If your business cannot sustain being patched, the you've probably chosen the wrong software and configurations and your business will likely be negatively affected. The negative effects happen in two ways: 1) you install the patches and your system and/or software fails as a result of a bug in either the software or the software patch or 2) you don't apply the patch and attackers compromise the system and ruin the integrity of the system and the data contained therein. So, hence my cry to "rally to the patch"!
To further aid in your efforts to evaluate the exposures presented by the vulnerabilities addressed by Microsoft’s Patch Tuesday, Tenable's Research team has published Nessus plugins for each of the security bulletins issued this month:
- MS11-018 - Cumulative Security Update for Internet Explorer - Nessus Plugin ID 53375 (Credentialed Check)
- MS11-019 - Vulnerabilities in SMB Client Could Allow Remote Code Execution - Nessus Plugin ID 53376 (Credentialed Check)
- MS11-020 - Vulnerability in SMB Server Could Allow Remote Code Execution - Nessus Plugin ID 53377 (Credentialed Check)
- MS11-021 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Nessus Plugin ID 53378 (Credentialed Check)
- MS11-022 - Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution - Nessus Plugin ID 53379 (Credentialed Check)
- MS11-023 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Nessus Plugin ID 53380 (Credentialed Check)
- MS11-024 - Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution - Nessus Plugin ID 53381 (Credentialed Check)
- MS11-025 - Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution - Nessus Plugin ID 53382 (Credentialed Check)
- MS11-026 - Vulnerability in MHTML Could Allow Information Disclosure - Nessus Plugin ID 53383 (Credentialed Check)
- MS11-027 - Cumulative Security Update of ActiveX Kill Bits - Nessus Plugin ID 53384 (Credentialed Check)
- MS11-028 - Vulnerability in .NET Framework Could Allow Remote Code Execution - Nessus Plugin ID 53385 (Credentialed Check)
- MS11-029 - Vulnerability in GDI+ Could Allow Remote Code Execution - Nessus Plugin ID 53386 (Credentialed Check)
- MS11-030 - Vulnerability in DNS Resolution Could Allow Remote Code Execution - Nessus Plugin ID 53387 (Credentialed Check)
- MS11-031 - Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution - Nessus Plugin ID 53388 (Credentialed Check)
- MS11-032 - Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution - Nessus Plugin ID 53389 (Credentialed Check)
- MS11-033 - Vulnerability in WordPad Text Converters Could Allow Remote Code Execution - Nessus Plugin ID 53390 (Credentialed Check)
- MS11-034 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege - Nessus Plugin ID 53391 (Credentialed Check)
Resources
Related Articles
Managing OT and IT Risk: What Cybersecurity Leaders Need to Know
October 7, 2024Security leaders face the challenge of managing a vast, interconnected attack surface, where traditional approaches to managing cyber risk are no longer sufficient. Modern threats exploit vulnerabilities across domains, requiring a more holistic approach to avoid operational disruption, safety risks and financial losses.
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
- Patch Auditing