October 2012 Microsoft Super Tuesday
Posted by Zubair Ashraf on October 09, 2012 at 2:39 PM EDT.
Microsoft's October 2012 Security Bulletin summary has been made publicly available. The vendor has released 7 bulletins covering 20 CVEs today. Only one of the bulletins, affecting Office and Server Software, is rated critical. The remaining bulletins, affecting Office, Server Software, SQL Server, Lync and Windows, are all rated important. We encourage customers to refer to the notification for additional information.
Let's take a look at the critical one:
- Microsoft Security Bulletin MS12-064 - Critical - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)
The critical vulnerability in this bulletin is CVE-2012-2528, the RTF File listid Use-After-Free Vulnerability. To exploit it, an attacker needs the user to open a malicious RTF file; the most common delivery vector for such a file is a spear-phishing email, and this vector has recently been a favorite for targeted attacks. Successful exploitation allows the attacker to execute arbitrary code with the same permissions as the logged-on user. We recommend applying this patch as soon as possible, and, as always, user education is the best defense against future threats. Making sure that your users are aware of the risks of opening Office and Adobe documents from untrusted sources, and that they are cautious of phishing and spear-phishing emails, is the strongest preventive measure you can take.
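Because Word decides how to parse a document from its content rather than its extension, an RTF payload can arrive as a `.doc` attachment. The following added example (not part of the original post, and not Microsoft's code) is a small mail-gateway triage routine: it identifies RTF by its leading `{\rtf` control group regardless of file name, flags the extension mismatch, and notes whether the document carries a list table with `\listid` entries, the structure involved in this bulletin, so such attachments can be prioritized for sandboxing or held until the patch is deployed. The attachment samples are constructed for the example.

```python
import re
from typing import Dict, List, Sequence, Tuple

# Constructed sample attachments (name, raw bytes) for demonstration only.
SAMPLE_ATTACHMENTS: List[Tuple[str, bytes]] = [
    # RTF content hiding behind a .doc extension, with a list table.
    ("quarterly_report.doc",
     b"{\\rtf1\\ansi\\deff0{\\fonttbl{\\f0 Arial;}}"
     b"{\\*\\listtable{\\list\\listid1234567{\\listlevel\\levelnfc0}}}"
     b"{\\listoverridetable{\\listoverride\\listid1234567\\ls1}}"
     b"\\pard Hello\\par}"),
    # Honest RTF, no list table.
    ("notes.rtf", b"{\\rtf1\\ansi\\pard Plain memo, no list table.\\par}"),
    # Not RTF at all.
    ("readme.txt", b"Just text, not RTF at all."),
    # OOXML (zip container), also not RTF.
    ("invoice.docx", b"PK\x03\x04" + b"\x00" * 16),
]

RTF_MAGIC = b"{\\rtf"                       # every RTF file opens with this group
LISTID_RE = re.compile(rb"\\listid(-?\d+)")  # \listidN control words


def is_rtf(data: bytes) -> bool:
    """Identify RTF by content, not by the file extension the sender chose."""
    return data.lstrip().startswith(RTF_MAGIC)


def triage_attachment(name: str, data: bytes) -> Dict[str, object]:
    """Summarize one attachment for a gateway or analyst queue."""
    rtf = is_rtf(data)
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    listids = LISTID_RE.findall(data) if rtf else []
    return {
        "name": name,
        "is_rtf": rtf,
        # RTF content under a non-.rtf name is a common disguise for mailed documents.
        "extension_mismatch": rtf and ext != "rtf",
        "has_list_table": rtf and b"\\listtable" in data,
        "listid_count": len(listids),
    }


def triage_all(attachments: Sequence[Tuple[str, bytes]]) -> List[Dict[str, object]]:
    return [triage_attachment(name, data) for name, data in attachments]


def flagged(attachments: Sequence[Tuple[str, bytes]]) -> List[str]:
    """Names of attachments that are RTF and therefore in scope for this bulletin."""
    return [r["name"] for r in triage_all(attachments) if r["is_rtf"]]


if __name__ == "__main__":
    for report in triage_all(SAMPLE_ATTACHMENTS):
        print(report)
    print("flagged:", flagged(SAMPLE_ATTACHMENTS))
```

The check is deliberately coarse: it does not try to decide whether a list table is malicious, only whether the file is RTF and whether it carries the structure this bulletin concerns, which is the information a gateway needs to route the attachment for deeper inspection.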
We would also like to remind you that the patch raising the minimum certificate key length will be rolled out this month as well.
Happy patching and stay safe!