January 11, 2012 No Comments-
It may seem like the New Year has just begun, but it’s already time for Microsoft’s first Patch Tuesday of 2012. Microsoft has released seven security bulletins, one critical, to correct eight system vulnerabilities – making it one of the biggest January Patch Tuesdays ever.
Only one of the seven security bulletins, MS12-004, is classified as critical, which is the highest threat rating. The update fixes two issues with Windows Media that affect Windows Media Player, Microsoft Windows Media Libraries and Microsoft DirectShow on Windows Vista and Windows XP, which allows attackers to use a malicious MIDI or DirectShow file to execute code remotely.
In addition to the critical updates, Microsoft added a new vulnerability classification, “security feature bypass” for MS12-0001. The new classification refers to threats that don’t directly compromise a system, could help facilitate other attacks. For example, an exploit that turned off a Windows security feature that provided alerts could be classified as a “security feature bypass.” It’s not surprising that Microsoft has elected to highlight the new category given the role these issues could play in keeping an advanced persistent threat (APT) concealed.
Other notable updates included in January’s patch Tuesday:
Made up of various contributors' opinions and insights - the power of the collective.
Security Exposed Bloggers
Norman Safeground Blogs Archive