BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘Microsoft’

Patch Tuesday MS15-078

Microsoft Patches a Critical Vulnerability in Adobe Type Manager Font Driver

Posted July 20, 2015    BeyondTrust Research Team

Today, Microsoft released the MS15-078 bulletin containing a patch for yet another flaw in the Adobe Type Manager Font Driver (atmfd.dll). This patch, coming just shy of a week after Microsoft’s monthly Patch Tuesday event, fixes a kernel pool overflow vulnerability (CVE-2015-2426), which can allow remote code execution with full system rights. The vulnerability lies…

Tags:
,
patch-tuesday

July 2015 Patch Tuesday

Posted July 14, 2015    BeyondTrust Research Team

July’s Patch Tuesday is a hefty one, clocking in with 14 bulletins, including the typical misfits – Internet Explorer and Office. Last month’s missing bulletin (MS15-058) is now included, patching important-rated vulnerabilities within SQL Server.

Tags:
,
patch-tuesday

June 2015 Patch Tuesday

Posted June 9, 2015    BeyondTrust Research Team

This month’s Patch Tuesday is a bit on the lighter side with only 8 bulletins. In total, 45 distinct vulnerabilities are addressed with over half belonging to Internet Explorer. At the time of release, Microsoft seemed to skip the MS15-058 bulletin, so we’ll be sure to keep an eye out for it.

Tags:
,
patch-tuesday

May 2015 Patch Tuesday

Posted May 13, 2015    BeyondTrust Research Team

This month’s Patch Tuesday is massive, to say the least, with a total of 13 bulletins, affecting many products and all versions of Windows. Earlier this month, Microsoft announced that the upcoming Windows 10 will not follow the typical Patch Tuesday cycle and updates will be provided when they become available.

Tags:
, ,
patch-tuesday

April 2015 Patch Tuesday

Posted April 14, 2015    BeyondTrust Research Team

Microsoft gave everyone a breather in this month’s Patch Tuesday, serving up fixes for a surprisingly modest 26 vulnerabilities. The fixes address various flaws including remote code execution, information disclosure, security feature bypass and cross-site scripting to name a few. Let’s dive right in: MS15-032 – Cumulative Security Update for Internet Explorer (3038314) IE makes…

Tags:
, ,
patch-tuesday

March 2015 Patch Tuesday

Posted March 10, 2015    BeyondTrust Research Team

Microsoft patched 44 CVEs across 14 bulletins this month, with vulnerabilities in Internet Explorer and Adobe Font Driver necessitating the bulk of those fixes. With so many bulletins, it was only natural that a wide variety of security flaws were found:  remote code execution, elevation of privilege, denial of service, information disclosure, cross-site scripting, spoofing and security feature bypass were all present and accounted…

Tags:
, ,
patch-tuesday

February 2015 Patch Tuesday

Posted February 10, 2015    BeyondTrust Research Team

Microsoft patched a fairly hefty 58 CVEs across 9 bulletins this month, with Internet Explorer taking the lion’s share of those fixes. Among the offending flaws are remote code execution, security bypass, elevation of privilege, and information disclosure vulnerabilities. MS15-009 fixes 41 assorted flaws in Internet Explorer including remote code execution, ASLR bypass, privilege elevation…

Tags:
, ,
patch-tuesday

January 2015 Patch Tuesday

Posted January 14, 2015    BeyondTrust Research Team

Starting off the new year, Microsoft directs its focus more toward user rights and access. For the majority of bulletins, an attacker would need some form of authentication prior to elevating their privileges. Aside from these, the most notable vulnerability lies within an old friend named Telnet, which even the newer versions of windows are…

Tags:
,
6

A Quick Look at MS14-068

Posted November 20, 2014    Bill Finlayson

Microsoft recently released an out of band patch for Kerberos.  Taking a look at the Microsoft security bulletin, it seems like there is some kind of issue with Kerberos signatures related to tickets. Further information is available in the Microsoft SRD Blogpost So it looks like there is an issue with PAC signatures.  But what…

Tags:
, , , ,
Triggering MS14-066

Triggering MS14-066

Posted November 17, 2014    BeyondTrust Research Team

Microsoft addressed CVE-2014-6321 this Patch Tuesday, which has been hyped as the next Heartbleed.  This vulnerability (actually at least 2 vulnerabilities) promises remote code execution in applications that use the SChannel Security Service Provider, such as Microsoft Internet Information Services (IIS). The details have been scarce.  Lets fix that. Looking at the bindiff of schannel.dll, we see a…

Tags:
, , , , ,