November 23, 2014

Microsoft updates Windows 8 and Internet Explorer but comes under criticism for poor Windows Defender performance

(LiveHacking.Com) – Microsoft has released six bulletins to address multiple vulnerabilities in Microsoft Windows Shell, .NET Framework, Windows Kernel-Mode drivers, Excel, Internet Information Services (IIS), and cumulative security updates for Internet Explorer as part of November’s Patch Tuesday.

As expected, four of the bulletins are ranked as Critical, one is Important, and the other one is rated as Moderate. Microsoft are suggesting that customers focus on the following two Critical level patches:

  • MS12-071 (Internet Explorer): This bulletin addresses three privately disclosed issues, none of which are currently known to be used in the wild. Successful exploitation of these issues could result in code execution with the current user’s privileges. These issues do not affect Internet Explorer 10.
  • MS12-075 (Windows Kernel): This security update addresses three privately reported issues, none of which are currently known to be used in the wild. This bulletin affects all supported versions of Microsoft Windows, including Windows 8. The most severe issue could result in remote code execution if an attacker is able to lure a user to a website with a maliciously crafted TrueType font file embedded. The patch fixes the vulnerabilities by correcting the way that the Windows kernel-mode drivers handle objects in memory.

Another issue that affects Windows 8 is MS12-072 (Vulnerabilities in Windows Shell Could Allow Remote Code Execution). The patch fixes two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user browses to a specially crafted briefcase in Windows Explorer.

Without these latest patches, the affected Microsoft products (including Windows 8) remain vulnerable to attacks that could allow an attacker to execute arbitrary code remotely, operate with elevated privileges, or access sensitive information.

Windows 8 and Windows Defender

Microsoft’s patches come a few days after anti-virus company Bitdefender released information about the quality of Windows Defender, the built-in security application for Windows 8. According to Bitdefender, 61 viruses, out of a total of 385, were able to infect a computer running Windows 8 with the Windows Defender security application enabled.

To set a baseline, Bitdefender conducted tests on Windows 7 and Windows 8 with the built-in antivirus disabled. It seems that without any anti-malware protection both operating systems are equally susceptible. Of the 385 viruses, 234 successfully infected Windows and continued to run until the machine was cleaned with Bitdefender. What this baseline test showed is that Windows 8 isn’t inherently more secure than Windows 7.

Bitdefender acknowledged, however, that Windows 8 did bring some new security features, but running antivirus software is essential.

 

Microsoft to patch critical bugs including first fixes for Windows 8 and Windows 8 RT

(LiveHacking.Com) – Microsoft has published its advance notification for November’s Patch Tuesday. This month the company plans to release six bulletins which will fix 19 separate vulnerabilities. Four of the six bulletins are ranked as Critical and will address 13 vulnerabilities in Microsoft Windows, Internet Explorer and the .NET Framework. Of the remaining two, the first is rated as Important and will address four vulnerabilities in Microsoft Office, and the last is rated as Moderate and will address two issues in Microsoft Windows.

Five of the six bulletins fix vulnerabilities which could allow remote code execution. If exploited, it would mean that attackers could use these bugs to install malware onto a vulnerable PC. The first bulletin is for Internet Explorer 9 and applies to Windows Vista and above (as IE9 isn’t available for XP), except for Windows 8, which runs IE10 by default. Similarly, bulletin three (the moderate update that addresses two issues in Windows) only applies to Windows Vista and above, except Windows 8. However, the remaining three Windows-related bulletins affect all supported versions of Windows from XP upwards.

Microsoft’s latest operating system is not immune to these bugs, as Windows 8 receives three critical updates this month. This isn’t surprising, as large parts of the code (especially the various libraries) are common across many versions of Windows. What is more surprising is that Windows 8 RT (the version that runs on ARM tablets) receives one critical and one important update. This again highlights the amount of source code shared between the different versions, and the bugs are related to the platform.

The bulletins are scheduled for release on the second Tuesday of this month, November 13, 2012, at approximately 10 a.m. PST.