Patch Tuesday Bulletin - February 2011

This is a very disruptive Patch Tuesday with several updates impacting nearly the full operating system product line from Microsoft and requiring a reboot. While a pair of Zero Day security issues have now been patched, we still have not received a patch for the MHTML issue that impacts all versions of Internet Explorer, meaning we can look forward to an equally disruptive Patch Tuesday in March.

We finally got our patch for Internet Explorer today in the midst of Microsoft's 12 bulletins; three of which were critical and nine important. 900 million people are now sharing the love for Microsoft after last month, when we waited for the IE patch that never came. This month, we get to celebrate the national day of love by simultaneously rebooting our PCs.

The IE patch is making a lot of noise, addressing the current IE CSS recursive stylesheet import issue. History is repeating itself with this massive reboot and as we know from experience, reboots of this magnitude have been known to upset services and applications, so it's possible we will see similar problems to what we encountered in 2007 when a large Microsoft Patch that required a reboot crippled applications, Skype in particular.

Also addressed today were the Windows graphics rendering issue, the DIB thumbnail bug and updates from Adobe and Mozilla. Adobe will be releasing updates for several Adobe Reader versions for both Windows and Macintosh, and Mozilla will be releasing two Firefox version updates that will address security issues on February 14, 2011. Although Microsoft appears to be doing a bit of spring cleaning this Patch Tuesday, along with a lot of 'run of the mill' stuff, it cannot be emphasized enough that this will create the need for a massive simultaneous reboot and historically, we've seen services greatly impacted when such a huge number of machines require reboots.

Bulletins

» Highest Priorities

• MS11-003 Cumulative Security Update for Internet Explorer (2482017)
• MS11-004 Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
• MS11-006 Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
• MS11-007 Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
• MS11-008 Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)

» Followed By

• MS11-005 Vulnerability in Active Directory Could Allow Denial of Service (2478953)
• MS11-009 Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)
• MS11-010 Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
• MS11-011 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
• MS11-012 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
• MS11-013 Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
• MS11-014 Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)

Other News

» Updates Outside of Microsoft

In addition to the Microsoft security bulletins, there are planned updates this week from Adobe and next week for Mozilla Firefox.

• Adobe released a pre-notification of Security Advisory APSB11-03 which includes updates for Adobe Acrobat, for versions 10.0 and 9.4.1, and Adobe Reader, for versions 10.0 and 9.4.1. This bulletin is planned to be released on February 8, 2011.
• Mozilla will release Firefox 3.6.14 and Firefox 3.5.17 on February 14, 2011. Both are planned to include security updates.

» Patch Tuesday Content Checklist

Do you want to know what patches Lumension releases as part of Microsoft Patch Tuesday? If so, please visit the Microsoft Patch Tuesday Content Checklist on the Customer Portal.

Patch Tuesday Commentary

Do you currently run Lumension® Patch and Remediation 6.4 or lower?
If you do, you need to validate your migration plan before July 8, 2011.

	Paul Henry's 2011 Malware Trends February 23, 2011 11am ET More than 1.6 million new malware signatures are identified each month and the volume of zero-day attacks continues to rise. Join security and forensics expert, Paul Henry, to learn about the latest malware trends and more importantly, practical steps you can take to better protect your organization from evolving threats. Time for a New Test According to research, AV detection rates are less than 70% a full week after a new attack is identified. The problem for corporate security and the business is not limited to zero-day attacks, it is all attacks. This is the motivation for enterprise security to have conversations with whitelisting vendors.

Traditional anti-virus approaches are struggling to keep up with the increasing volume and sophistication of malware. Learn how a new 'intelligent' approach can dramatically reduce malware infection rates without affecting productivity.

Learn how to identify and assess the vulnerabilities that create the most IT risk, automate policy enforcement and layer your security approach with prioritized IT risk mitigation, antivirus and application whitelisting.

February is a very disruptive Patch Tuesday with several updates impacting nearly the full operating system product line from Microsoft and requiring a reboot.