Patchwork

I’ve been up to my ears in travelling and AMTSO and had limited connectivity over the last week, but even I noticed that a lot of patching issues have risen to the surface in the past few days. In case some of this has passed you by, here are a few of the more prominent issues.

Perhaps the issue with the highest profile are the imminent out-of-band patches announced by Microsoft for release tomorrow (Tuesday 28th July). Developers will want to be aware of the bulletin relating to the Visual Studio range, as well as some major updates to Internet Explorer which will (or should!) concern everyone. The fact that Microsoft has suddenly inserted these updates without waiting for the next Patch Tuesday is a clear indication that there are vulnerabilities here that the company is taking very seriously. And Microsoft is not known for overemphasis when it comes to patch issues: if it is taking a patch seriously, the rest of us should, too.

As Heise have pointed out, it’s very likely that a certain Black Hat presentation has a very specific impact on the sudden perception of the importance of this issue.

In the meantime, Adobe have published some notes on mitigation of a "Local Privilege Escalation in Adobe Reader Installer", hard on the heels of a Flash vulnerability described in some detail by the Internet Storm Center. Adobe have promised mitigation around the end of the month.

David Harley BA CISSP FBCS CITP
Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/

Author David Harley, ESET

  • http://n/a carl

    “I’ve been up to my ears in travelling and AMTSO and had limited connectivity over the last week…”

    Well I’m all ears about the AMTSO work…
    …and nothing stop you from picking up Notepad and write the text while traveling and update the blog with several post when online :)

    • http://www.smallblue-greenworld.co.uk David Harley

      Well, you’ll certainly hear more from me about AMTSO sooner rather than later.

      By the way, you don’t work for ESET, do you? Quite a few people here seem to think I should be blogging whenever I’m not actually sleeping. ;-)

      Sadly, coach-class travel and not even PDA connectivity is a bit limiting when it comes to writing about topical patching issues. :-)

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

22 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.