Tags: microsoft critical updates, microsoft patch, microsoft updates, ms office updates, security holes, tuesday patch
Microsoft plugs 34 security holes in a Patch Tuesday update with 14 security bulletins. Of the eight critical bulletins, Microsoft rates four as the highest priority for enterprises.
Microsoft released 14 new security bulletins in Aug. 10′s Patch Tuesday update to cover nearly three dozen vulnerabilities.
Fourteen is the largest number of security bulletins ever released by Microsoft on Patch Tuesday. Eight of the bulletins are rated critical. Of the eight, four are considered by Microsoft to be high priority: MS10-052, which resolves a vulnerability in Microsoft’s MPEG Layer-3 audio codecs; MS10-055, which addresses a vulnerability in the Cinepak Codec used by Windows Media Player to support the AVI audiovisual format; MS10-056, which deals with four vulnerabilities in Microsoft Office; and MS10-060, which resolves two vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight.
Another bulletin that may require particular attention is MS10-054.
“The SMB [protocol] pool overflow vulnerability [covered in MS10-054] should be a real concern for enterprises,” said Joshua Talbot, security intelligence manager of Symantec Security Response. “Not only does it give an attacker system-level access to a compromised SMB server, but the vulnerability occurs before authentication is required from computers contacting the server. This means any system allowing remote access and not protected by a firewall is at risk.
Read more at eweek.com
