November Patchday!

Gestern hat Microsoft wieder ein neues Security Bulletin für November herausgebracht. Auch diesen Monat gibt es einige kritische Patche die so bald wie möglich eingespielt werden sollten.

MS09-63

Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565)
This security update resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability.

Auf Servern die einen Webservice installiert haben unbedingt installieren!
MS09-64 Vulnerability in License Logging Server Could Allow Remote Code Execution (974783) Wer den Lizenzserver installiert hat ist gegen diese Lücke anfällig
MS09-65

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)
This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker’s site.

Betrifft praktische alle Windows Versionen. Da es sich um eine Remote ausnutzbare Lücke handelt und es um den Kernel geht sollte der Patch asap eingespielt werden, insbesondere auf den Workstations und Terminalservern. Solange man auf Servern nicht surft dürfte das Problem nur eine geringe Gefahr darstellen.
MS09-66

Vulnerability in Active Directory Could Allow Denial of Service (973309)
This security update resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS.

Denial of Service, die Domänenkontroller oder Rechner mit Adam/AD LDS müssen schnellstens gepached werden. Denkt dabei an den Edge!
MS09-67

Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)

Excel ist verwundbar und ermöglicht Remote code Ausführung. Sollte asap  gepached werden.
MS09-68 Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) Remote ausnutzbare Lücke in Microsoft Word, auch diese sollte asap gepached werden.

Mehr Informationen gibt es in den weiterführenden Links des Security Bulletins oder auf dem Blog des Microsoft Security Response Centers .

 

Happy Patching

 

Viele Grüße

 

Walter Steinsdorfer

Leave a Reply

Your email address will not be published. Required fields are marked *