Microsoft has released six security bulletins that address 11 vulnerabilities, including one that Redmond said is being used in the wild.
Four of the six bulletins are listed as “critical,” while two more are listed as “important,” and cover a wide range of Microsoft applications, from Windows and Internet Explorer (IE) to Office, SQL Server and Developer Tools.
Security experts said users should take note of the number of Microsoft software products involved as well as the number of bulletins listed as critical.
“The specific threats covered in all 4 ‘Critical’ bulletins carry a potential impact of remote code execution” Jim Walter, manager of the McAfee Threat Intelligence Service for McAfee Labs, said in an email sent to journalists. “Add to this that so many popular products are among the affected, including Internet Explorer, Office, SQL Server, and the potential danger is increasingly apparent. IT administrators should take this into account when prioritizing patches.”
According to the Microsoft bulletin, an attacker would have to find a way to convince a user to visit the site, and normally would use an email or instant messaging (IM) text to get them to go to the malicious site.
Baumgartner also pointed to another bulletin, MS 12-023, which patches five IE vulnerabilities that, like the previous one, would lead to a remote code execution attack. According to Microsoft, the “most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”
Baumgartner said such remote code execution attacks impact consumers and businesses alike.
“RCE attacks abusing these six IE and ActiveX vulnerabilities would look like Web browser redirections to malicious sites hosting Web pages attacking Internet Explorer and emails carrying malicious attachments constructed to appear familiar to the targeted victim,” he wrote. “These are currently significant vectors of attack for both consumer/home and corporate Microsoft product users.”
Marcus Carey, a security researcher at security software maker Rapid7, agreed that the vulnerabilities found in IE should be fixed quickly.
“This should be the top priority for organisations as users could be compromised by drive-by exploits from Web pages with specially crafted malicious content,” Carey said in an email sent to journalists. He also noted the dangers in the vulnerabilities around Windows Common Controls. “An attack would be able to remotely execute code by having a victim open a malicious file or go to a malicious Website. This is a basic data-handling vulnerability at the core of Microsoft applications.”
One of the vulnerabilities that Microsoft listed as important could have been upgraded, he said. It’s another vulnerability – listed in MS 12-028 – that could result in a remote code execution in Microsoft Office and Works if the user opens a “specially crafted Works file,” according to Microsoft. A successful attacker could gain the same rights as the user.
“This one could easily be disputed and ranked as critical by many,” Carey said. “The only thing it’s missing is automatic administrative privileges. The attacker is limited to the permissions of the user that opens up a malicious document.”
How well do you know Internet security? Try our quiz and find out!
Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…
Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC
Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…
Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…
Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…
Elon Musk continues to provoke the ire of various leaders around the world with his…