Ok well it’s a big patch Tuesday for Microsoft with 17 updates, 9 of these considered critical covering 64 vulnerabilities in Microsoft Windows, Internet explorer and Office. I’m not going to bore you with a list of bug codes, however if you want the full bug list it is available here http://www.microsoft.com/technet/security/bulletin/ms11-apr.mspx
However there is some items to be aware of and to make sure you patch immediately. MS11-034 covers over 30 vulnerabilities that is rated as consistent exploit code likely, something we see as High Risk. In the wrong hands this will allow an attacker to remotely load code and execute anything on your machine!
MS11-018 is a Critical vulnerability effecting Internet explorer 6, 7 and 8. So now’s a great time to switch to Chrome or Firefox, however if you’re stuck on IE this particular vulnerability make sure you patch. This is what is typically referred to as a drive-by-download exploit. Simply visiting a specially made website that contains code that takes advantage of this bug will allow the remote attacker to take control of the machine, at the user account level. Once again don’t run as administrator when you are web surfing, if the exploit has to work on becoming an administrator or elevating privilege it becomes much more difficult.
If you use Microsoft Office a new feature called Office File Validation is finally available for office 2003 and 2007. This new feature will look to make sure the office document, spreadsheet or powerpoint meets the standard layout and file fingerprint. A nice feature to help decrease the chance of an infected file running on the machine.
In other security news Adobe Flash Player 10.2.153.1 and earlier for Windows, Mac and Linux has released a security advisory APSA11-02. http://blogs.adobe.com/psirt/2011/04/security-advisory-for-adobe-flash-player-adobe-reader-and-acrobat-apsa11-02.html
This vulnerability is currently out in the wild and is targeting Word .doc files with an embedded flash .swf. file embedded in them. This can allow an attacker to remotely execute code or cause a denial-of-service condition.
What this means to you?
Currently there is no patch or fix, so be carefull with any email attachments. There is a great article from us-cert.gov that covers security precautions when opening email. http://www.us-cert.gov/cas/tips/ST04-010.html
Make sure you patch your Adobe flash player as soon as a release is available.
For those that download and watch movies on your laptops, VideoLan security Advisory 1103, found MP4 files that could be used to trigger execution of arbitrary code.
What this means to you?
Update to VLC media Player 1.1.9
Be careful where you download your files from, we’ve seen many VLC and codec exploits in time past.
Never download an unknown codec, and if a file won’t play don’t download a player to play that new TV show or movie.
Stick to Netflix, hulu, or one of your network stations websites, they offer a lot of free legal and safe online content.
Stay tuned as we continue to post more security tips and tricks, check us at least every Tuesday as we are constantly adding new information.