Patch Tuesday Monthly Security Briefing september 2011

In this issue:

Welcome Break from Microsoft While IT Deals with SSL Certificate Issues

5 Important

Patch Tuesday Security Briefing

September’s Patch Tuesday from Microsoft is rather light with only 5 Bulletins – none of which are critical:

Even with no vulnerabilities rated critical this period, the importance of quickly deploying these upcoming patches should not be overlooked. Prioritize the remote code execution issues first with MS11-071, MS11-072 and MS11-073 followed by privilege escalation issues MS11-070 and MS11-074.

In light of the current DigiNotar certificate issues (including the latest threat by the hacker to exploit the Microsoft Windows Update service) the handling of potentially compromised digital certificates is currently top of the list for most IT pros this period. Many IT professionals are already busy dealing with replacing their server certificates and also updating user browser / OS software to revoke trust in compromised certificates so this Patch Tuesday is welcome break.

Mozilla is being very aggressive in dealing with the issue and has sent communication to all CA’s with root certificates in NSS requesting immediate action. This seems to allude to the fact that other CA’s could face the same demise seen at DigiNotar if they are not cooperative and forthcoming.

Unfortunately, we have already established Read More »

Get Started Today »


FREE Trial Offers

Try our award-winning products and solutions NOW »

Endpoint Management and Security Suite Trial »

Intelligent Whitelisting Trial »

AntiVirus Trial »

Application Control Trial »

Device Control Trial »

Patch and Remediation Trial »

Risk Manager Trial »

How to Improve Endpoint Security on a SMB Budget

Tuesday, September 27, 11am ET

Today’s cybercriminals are targeting small-to-midsize organizations more frequently. With limited staff and resources, SMBs face the challenge of increasing IT security issues and more sophisticated threats with a limited arsenal. Join security expert and author, Roger Grimes and director of solution marketing with Lumension, Chris Merritt as they discuss practical recommendations for improving security, including how to:

  • Deter cybercriminals by taking care of the IT security basics
  • Prioritize what security technologies to implement
  • Better educate users to limit user errors
  • Implement processes that improve security without impacting overall productivity

FREE Security Tools


Application Scanner

Discover all applications running on your network



Get it Now »


Device Scanner

Discover every removable device ever connected to your endpoints



Get it Now »


Vulnerability Scanner

Discover all OS and application vulnerabilities on your network



Get it Now »

Bulletins

» Important

MS11-070   Elevation of Privilege, Vulnerability in WINS
 
MS11-071   Remote Code Execution, DLL Linking
 
MS11-072   Arbitrary Code Execution, Microsoft Excel
 
MS11-073   Code Execution, Microsoft Office
 
MS11-074   Elevation of Privilege, Sharepoint

Updates Outside of Microsoft

Here are the notable third party updates from the last month:

Apple Security Content

Adobe Security Content

Sun Java Security Content

Also, in response to the DigiNotar trust certificate hack, the following updates have been issued by our supported vendors:

Apple Security Content

Mozilla Security Content

Microsoft Security Content

Security Forum
Would You Change Your Behavior if You Knew You Were Targeted?

No amount of scary headlines or warnings issued by security experts or government agencies has the impact of the sure knowledge you have been targeted. Once you realize you’ve been targeted, your approach to security transforms.

Webcast
It’s Your Move: The Changing Game in Endpoint Security

Your opponents have changed the IT security game – learn how to regain control of your endpoints by first understanding today’s threats. Then, hear how one company has found success in beating the bad guys.

Whitepaper
Endpoint Management and Security Buyers Guide

Security can no longer be just a collection of point products thrown at the issue ‘de-jour’. Today’s solutions must meet the needs of the business and provide strong security. Meaning, it must be easy to manage, affordable, and it can’t get in the way of productivity.

Visit the Security Forum »

Watch the Webcast »

Download the Whitepaper »