A Watchful UI

Posted by uiitsecurity on February 15, 2012 in Security

Welcome to the February edition of a Watchful UI!

Microsoft has released 9 patches for this month.  Four of them are rated critical while the rest are listed as important. It is interesting to note that there are more patches for Windows 7 than XP this month.

http://technet.microsoft.com/en-us/security/bulletin/ms12-feb

The SANS Black Tuesday overview:

http://isc.sans.edu/diary.html?storyid=12586

There have been reports of some issues applying these updates and needing multiple reboots. Please test and plan your patching time accordingly.

Microsoft also had some issues with their AV products falsely detecting Google.com as a virus. For home users, Microsoft Security Essentials by default only updates every 24 hours, so even though Microsoft has now issued an update to fix the problem, it may linger for some users.

http://krebsonsecurity.com/2012/02/microsoft-av-flags-google-com-as-malware/

Oracle released their critical patch update for Java SE and JavaFX.  In total there are 14 security fixes. This brings the current public versions to 6.0update31 and 7.0update3.

http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html

Note that Java vulnerabilities are high on the list of the most common exploits in the wild, making it even more important to keep patched, or uninstalled if not used:

http://www.zdnet.com/blog/security/which-are-the-most-commonly-observed-web-exploits-in-the-wild/10261

Adobe has released updates for Shockwave Player, RoboHelp and Flash.

http://www.adobe.com/support/security/bulletins/apsb12-02.html
http://www.adobe.com/support/security/bulletins/apsb12-04.html
http://www.adobe.com/support/security/bulletins/apsb12-03.html

Don’t forget to make sure you have the updates they released for Reader and Acrobat in January as they patch critical vulnerabilities.

http://www.adobe.com/support/security/bulletins/apsb12-01.html

As a last minute addition, Adobe on Wednesday also updated Flash player to address a zero-day vulnerability that is being exploited in the wild. [Mitch]

http://www.scmagazine.com/adobe-patches-flash-because-of-ongoing-attacks/article/227935/

http://www.adobe.com/support/security/bulletins/apsb12-03.html

Apple released a huge update for Lion with 10.7.3, and also Update 2012-001 for 10.6.8. These updates address a whopping 52 CVEs, and unfortunately have a huge download size to match. Note that Apple has not yet updated Java to the current version. Also note what is missing – updates for 10.5 have not been released. While Apple doesn’t officially declare an end of life (EOL) for their operating systems, they typically only supply patches for the last two versions. If you are not already running 10.6 or 10.7, you should be planning to update soon.

http://support.apple.com/kb/HT5130

Mozilla Firefox is now up to version 10.0.1.  Keep in mind that Firefox 10 will be the base version for the initial Extended Support Release.  Firefox 3.6 will be end-of-lifed on April 24th, 2012.

http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10.0.1
https://wiki.mozilla.org/Enterprise/Firefox/ExtendedSupport:Proposal

Google updated Chrome to version 17.0.963.46

http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+
GoogleChromeReleases+%28Google+Chrome+Releases%29&utm_content=FeedBurner

Be sure if you use Skype that you upgrade to the latest version.  Nessus is detecting older versions of Skype as a critical vulnerability because there is an as-of-yet unspecified vulnerability that could lead to anonymous exploit over the listening port.  If a public exploit becomes available we may be required to take action to remove vulnerable machines from the UI network.

http://blogs.skype.com/garage/2012/02/skype_for_windows_update.html

And for some general advice, removing admin rights remains a good way to reduce risk when possible:

http://www.zdnet.com/blog/security/report-64-of-all-microsoft-vulnerabilities-for-2009-mitigated-by-least-privilege-accounts/5964

Keeping your browser plugins checked and updated regularly also helps significantly. I know some users who have set either the Mozilla plugin check page or the Qualys Browsercheck page as their home page so they remember to check it regularly:

Qualys UI page: http://goo.gl/9eGLw
Mozilla: http://www.mozilla.org/en-US/plugincheck/

Your comments and feedback are always appreciated, please let us know at ITS-Security@uidaho.edu

Mitch Parks
Desktop Security Analyst

Zack Preston
Desktop Security Assistant

Twitter: @UIITSecurity

Tags: Permalink
Follow

Get every new post delivered to your Inbox.

Join 106 other followers

%d bloggers like this: