Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Microsoft releases security patch covering 26 vulnerabilities

Add to del.icio.us     Digg this story Digg this

February 10, 2010

As it does every second Tuesday of the month, at around 1.30 PM EST yesterday, Microsoft released 13 security patches, covering no less than 26 OS vulnerabilities. Yesterday's security patch is considered by many in the industry as a large one, and with more than just a few minor implications.

Click here to order the best dedicated server and at a great price.

So far, three of the security patches are particularly critical and require immediate attention. One of these critical updates (bulletin MS10-006) addresses two security vulnerabilities in the SMB networking service protocol that might easily lend itself to drive-by attacks on unpatched servers or computers.

All supported versions of Windows will need patching, though Vista and Windows 7 (three critical updates) are less exposed than XP and Windows 2000 (five critical security patches).

A separate vulnerability (bulletin MS10-007) in Windows Shell handler poses a similar code injection risk, but this problem is restricted to older versions of Windows (XP, Windows 2000 and Windows 2003 Server).

Finally, there's also a patch (bulletin MS10-013) for Microsoft Direct Show which, left unpatched, creates a handy mechanism for potential hackers to take over computers, provided they succeed in tricking the OS into opening maliciously constructed AVI video files.

"The size of this security patch is pretty big! Historically, Microsoft has had a light January followed by a large February, and this year is sure no exception. Yesterday’s patches addressed no less than 26 vulnerabilities and that's quite a bit by any standard. So far, there have been no reports of active attacks against these vulnerabilities, however. But one of these security vulnerabilities has been publicly disclosed," said Jason Miller, data and security team leader at Internet security firm Shavlik & Associates.

"Highest on our list for the security fix are bulletin MS10-006 SMB client and bulletin MS10-013 Direct Show, which affect all versions of Windows and have a low exploit ability index", Miller said.

"Next are security bulletins MS10-007 Shell URI handling, which is critical for Windows 2000, XP and Server 2003 and bulletin MS10-008, an update to the ActiveX Killbit settings, applicable to all OS platforms."

"Windows 7 and Windows Server 2008 Release 2 are less affected by the security vulnerabilities simply because of "rewrites of the TCP/IP stack and the URI handling in Windows 7 and 2008/R2", which improved the implementation of these core OS technologies," said Wolfgang Kandek, CTO of security scanning firm Qualys.

No less than eleven of the thirteen bulletins released yesterday cover security flaws in windows while the remaining two cover "critical" security fixes affecting older (pre 2007) versions of Office, as explained in Microsoft's summary.

An overview from the SANS Institute's Internet Storm Centre (ISC) disagrees with Redmond's security Gnomes on the severity of the Office bugs, categorizing both as critical, however.

Add to del.icio.us     Digg this story Digg this

Source: Microsoft.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer



Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.


Get your Linux or Windows dedicated server today.


The industry's best and most accurate tool to find out EXACTLY what your CORRECT keywords are. Click here to learn more.