Qualys Blog

www.qualys.com
wkandek

October 2011 Patch Tuesday

Guest blog from Amol Sarwate, Manager of Vulnerability Labs for Qualys.

Microsoft released today fixes for a total of eight security bulletins, out of which two are marked as critical and the rest are marked as important.

The highest priority should be given to MS11-081 which patches a code execution vulnerability in Internet Explorer. The exploit occurs when a victim uses IE to browse a malicious website. High priority should also be given to MS11-078 which fixes a vulnerability in Microsoft Silverlight and the .NET framework. This vulnerability is also exploited when a victim browses a malicious website with a Silverlight enabled browser.

The rest of the six bulletins are classified below. In our opinion they can be scheduled after the critical bulletins are patched:

Two DLL preloading issues were fixed by MS11-075 and MS11-076. More information about DLL preloading and workarounds can be found in advisory 2269637 from last year. Two local EoP issues were fixed in win32k.sys and AFD.sys by MS11-077 and MS11-080. To exploit these issues, attackers already need to have access to the target systems to gain higher privileges. Two patches were released for less pervasive technologies, namely Forefront Unified Access Gateway and Host Integration Server. In our opinion, the exposure for this is very low, but if your corporation uses these technologies, then patching is recommended.

Although eight bulletins were released, we do not expect this month’s release to generate a heavy load on administrators who are responsible for patching.

Leave a Reply