DarkFiber Consulting – IT Managed Services

Microsoft Releases Advance Notification for October Security Bulletin

October 23rd, 2010 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that its October release will contain sixteen bulletins. Four bulletins will have the severity rating of critical and will be for Microsoft Windows and Internet Explorer. Ten bulletins will have the severity rating of important and will be for Microsoft Server Software, Windows, and Office. The remaining two bulletins will have the severity rating of moderate and will be for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, October 12, 2010.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Advance Notification for August Security Bulletin

August 6th, 2010 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that its August release will contain 14 bulletins. Eight bulletins will have the severity rating of critical and will be for Microsoft Windows, Internet Explorer, Office, and Silverlight. The remaining six bulletins will have the severity rating of important and will be for Microsoft Windows and Office. Release of these bulletins is scheduled for Tuesday, August 10, 2010.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Windows .LNK Vulnerability

August 6th, 2010 . by DarkFiber Consulting

DarkFiber Consulting is aware of a vulnerability affecting Microsoft Windows. This vulnerability is due to the failure of Microsoft Windows to properly obtain icons for .LNK files. Microsoft uses .LNK files, commonly referred to as “shortcuts,” as references to files or applications.

By convincing a user to display a specially crafted .LNK file, an attacker may be able to execute arbitrary code that would give the attacker the privileges of the user. Viewing the location of an .LNK file with Windows Explorer is sufficient to trigger the vulnerability. By default, Microsoft Windows has AutoRun/AutoPlay features enabled. These features can cause Windows to automatically open Windows Explorer when a removable drive is connected, thus opening the location of the .LNK and triggering the vulnerability. Other applications that display file icons can be used as an attack vector for this vulnerability as well. Depending on the operating system and AutoRun/AutoPlay configuration, exploitation can occur without any interaction from the user. This vulnerability can also be exploited remotely through a malicious website, or through a malicious file or WebDAV share.

Microsoft has released Microsoft Security Advisory 2286198 in response to this issue. Users are encouraged to review the advisory and consider implementing the workarounds listed to reduce the threat of known attack vectors. Please note that implementing these workarounds may affect functionality. The workarounds include:

  • disabling the display of icons for shortcuts
  • disabling the WebClient service
  • blocking the download of .LNK and .PIF files from the internet

Microsoft has released a tool, Microsoft Fix it 50486, to assist users in disabling .LNK and .PIF file functionality. Users and administrators are encouraged to review Microsoft Knowledgebase article 2286198 and use the tool or the interactive method provided in the article to disable .LNK and .PIF functionality until a security update is provided by the vendor.

Update: Microsoft has issued a Security Bulletin Advance Notification indicating that it will be releasing an out-of-band security bulletin to address this vulnerability. Release of the security bulletin is scheduled for August 2, 2010.

In addition to implementing the workarounds listed in Microsoft Security Advisory 2286198, DarkFiber Consulting encourages users and administrators to consider implementing the following best practice security measures to help further reduce the risks of this and other vulnerabilities:

  • Disable AutoRun as described in Microsoft Support article 967715.
  • Implement the principle of least privilege as defined in the Microsoft TechNet Library.
  • Maintain up-to-date antivirus software.
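
A read-only audit of the host-side workarounds and the AutoRun measure listed above, added here as an example and not taken from Microsoft's advisory or from DarkFiber Consulting. The registry paths and the `NoDriveTypeAutoRun` value of 0xFF are the ones documented in Microsoft Security Advisory 2286198 and Support article 967715, which this page does not reproduce; the function name `Test-LnkWorkaround` is hypothetical.

```powershell
# Added example: reports whether each workaround is in place. Nothing is modified.
# Function name and output shape are hypothetical.
function Test-LnkWorkaround {
    $results = @()

    # 1. Shortcut icon display: the workaround clears the (Default) value of
    #    the IconHandler key for .LNK and .PIF files.
    foreach ($type in 'lnkfile', 'piffile') {
        $path    = "Registry::HKEY_CLASSES_ROOT\$type\shellex\IconHandler"
        $key     = Get-ItemProperty -LiteralPath $path -ErrorAction SilentlyContinue
        $handler = if ($key) { $key.'(default)' } else { $null }
        $results += [pscustomobject]@{
            Check   = "Icon handler cleared ($type)"
            Applied = [string]::IsNullOrEmpty($handler)
            Detail  = if ($handler) { "handler = $handler" } else { 'no handler set' }
        }
    }

    # 2. WebClient service: removes the WebDAV share vector when disabled.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='WebClient'"
    $results += [pscustomobject]@{
        Check   = 'WebClient service disabled'
        Applied = (-not $svc) -or ($svc.StartMode -eq 'Disabled')
        Detail  = if ($svc) { "StartMode = $($svc.StartMode), State = $($svc.State)" }
                  else { 'service not installed' }
    }

    # 3. AutoRun: 0xFF in NoDriveTypeAutoRun disables it for every drive type.
    $pol = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $val = (Get-ItemProperty -LiteralPath $pol -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    $results += [pscustomobject]@{
        Check   = 'AutoRun disabled on all drive types'
        Applied = ($val -eq 0xFF)
        Detail  = if ($null -ne $val) { 'NoDriveTypeAutoRun = 0x{0:X}' -f $val }
                  else { 'NoDriveTypeAutoRun not set' }
    }

    return $results
}

Test-LnkWorkaround | Format-Table -AutoSize
```

The third workaround, blocking the download of .LNK and .PIF files, is enforced at the proxy or gateway and is not visible to a host-side check like this one.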

Additional information can be found in the DarkFiber Consulting Vulnerability Note VU#940193.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Advance Notification for February Security Bulletin

March 1st, 2010 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification, indicating that its February release cycle will contain 13 bulletins. Five of them will have a severity rating of Critical and will be for Microsoft Windows. The remaining eight bulletins have an Important rating and are for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, February 9, 2010.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Advance Notification for December Security Bulletin

December 10th, 2009 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that its December release cycle will contain six bulletins, three of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Microsoft Office, and Internet Explorer. There will also be three important bulletins for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, December 8.

DarkFiber Consulting will provide additional information as it becomes available. 

Microsoft Releases Advance Notification for October Security Bulletin

October 14th, 2009 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that its October release cycle will contain thirteen bulletins, eight of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Internet Explorer, Office, Silverlight, SQL Server, Developer Tools, and Forefront. There will also be five important bulletins for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, October 13.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Advance Notification for May Security Bulletin

May 9th, 2009 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that the May release cycle will contain one bulletin with a maximum severity rating of Critical. The notification states that the Critical bulletin is for Microsoft PowerPoint. The release is scheduled for Tuesday, May 12.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Advance Notification for December Security Bulletin

December 6th, 2008 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that the December release cycle will contain eight bulletins, six of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Internet Explorer, and Office. There will also be two Important bulletins for Microsoft Windows and Office. Release of these bulletins is scheduled for Tuesday, December 9.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Advance Notification for November Security Bulletin

November 7th, 2008 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that its November release cycle will contain two bulletins, one of which will have the severity rating of Critical. The notification states that this Critical bulletin is for Microsoft Windows and Office. There will also be one Important bulletin for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, November 11.

DarkFiber Consulting will provide additional information as it becomes available.

Microsoft Releases Advance Notification for October Security Bulletin

October 9th, 2008 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that its October release cycle will contain 11 bulletins, four of which will have the severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Internet Explorer, Host Integration Server, and Office. There will also be six Important bulletins for Microsoft Windows. The remaining bulletin, for Microsoft Windows, will have the severity rating of Moderate. Release of these bulletins is scheduled for Tuesday, October 14.

DarkFiber Consulting will provide additional information as it becomes available.
