Microsoft fixes 22 vulnerabilities
In today’s Patch Tuesday, Microsoft released 4 bulletins addressing vulnerabilities affecting Windows and Office.
Amol Sarwate, Vulnerability Labs Manager for Qualys, comments: “Many companies will have limited exposure for the software affected and will be able to take a breather this month as this is a relatively small release as compared to last month’s 16 updates and is consistent with the cycle of smaller patches every other month.”
Vulnerability in Bluetooth stack could allow remote code execution
This security update resolves a privately reported vulnerability in the Windows Bluetooth Stack. The vulnerability could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability only affects systems with Bluetooth capability.
Vulnerabilities in Windows kernel-mode drivers could allow elevation of privilege
This security update resolves 15 privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.
Vulnerabilities in Windows client/server run-time subsystem could allow elevation of privilege
This security update resolves five privately reported vulnerabilities in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS). The vulnerabilities could allow elevation of privilege if an attacker logs on to a user’s system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities.
Vulnerability in Microsoft Visio could allow remote code execution
This security update resolves a publicly disclosed vulnerability in Microsoft Visio. The vulnerability could allow remote code execution if a user opens a legitimate Visio file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
To learn more about patching challenges and techniques read our interview with Qualys CTO Wolfgang Kandek, where he offers his extensive knowledge on the subject.