February 2012 Patch Tuesday Overview
Microsoft has released nine new security bulletins for the February 2012 edition of Patch Tuesday. This Patch Tuesday falls in what is typically marked as a 'heavy' release month, and the nine bulletins address 21 vulnerabilities.
There are two bulletins that administrators should look to patch immediately. Both of these bulletins address vulnerabilities that have the potential for drive-by attack scenarios from websites.
First up is Microsoft security bulletin MS12-010. This bulletin affects all supported Microsoft Internet Explorer browsers and addresses four vulnerabilities in the browser. As is the case with most, if not all, Internet browsers, it is extremely important to patch as soon as possible, as browsers are one of the most attacked pieces of software. The vulnerabilities addressed in this patch could allow an attacker to exploit the browser through malicious websites.
Similarly, MS12-013 also has a possible drive-by attack vector. This bulletin addresses one vulnerability in the C Run-Time Library. If an attacker can entice a user to open a malicious media file, the attacker can gain full access to a system. In this new media and social media age, media file attack vectors are just as important as browser attack vectors when it comes to patching security vulnerabilities.
Our old friend, the DLL preload vulnerability, is making a return after a one-month hiatus. Two bulletins this month fix the DLL preload vulnerability in Microsoft applications.
MS12-012 - Color Control Panel
MS12-014 - Indeo Codec
Since releasing the Security Advisory for this issue in November 2010, Microsoft has patched different programs affected by this vulnerability 22 times. It is safe to say we will continue to see the DLL preload vulnerability being addressed by Microsoft in the coming months.
On the non-Microsoft front, there is already one vendor joining Patch Tuesday. Adobe released two new security bulletins today affecting two Adobe products. Security bulletin APSB12-02 affects Adobe Shockwave and fixes nine vulnerabilities. Adobe security bulletin APSB12-04 affects Adobe RoboHelp for Word and fixes one vulnerability.
This has been quite a busy month with multiple non-Microsoft vendors releasing security updates for their software. After a very quiet December and January, it appears the non-Microsoft vendors are getting back to a normal cadence for releasing security updates for their software applications. The following vendors have released security updates since the January 2012 Patch Tuesday:
Google Chrome (twice)
Mozilla Firefox (twice)
Mozilla Thunderbird (twice)
Mozilla SeaMonkey (twice)
For those administrators who wait for a monthly maintenance window for their patching needs, this is going to be quite a large month, combining all of the Microsoft and non-Microsoft security bulletins released since the last Patch Tuesday.
Tomorrow, February 15th at 11:00am CT, I will be talking about these patches, along with the latest non-Microsoft patches that have been recently released, as part of our monthly Patch Tuesday webinar. Click here to register for the webinar.
- Jason Miller