In addition to the standard Microsoft Patch Tuesday, two previous patches were re-released a few hours after the initial Patch Tuesday updates were released. These releases included;
- Microsoft Security Bulletin MS08-072
- Microsoft Security Bulletin MS08-076
The expectations from the ChangeBASE team are that the Microsoft update MSO9-001 is very unlikely to cause OS level or application compatibility issues. In addition, the two update patches had marginal impact on the AOK Application portfolio.
A sample of these results includes;
Testing Summary
- MS09-001: No Impact (both Package level and dependencies) detected across portfolio
- MS08-072: Marginal impact for Office related applications
- MS08-076: No Impact (both Package level and dependencies) detected across portfolio
| Patch Name | Total Issues | % of apps Affected | Reboot | Rating | RAG |
|---|---|---|---|---|---|
| Microsoft Security Bulletin MS09-001 | <1% | <1% | YES | C |  |
| Microsoft Security Bulletin MS08-072 | <1% | <1% | YES | C | |
| Microsoft Security Bulletin MS08-076 | <1% | <1% | YES | I | |
Legend:
M = Moderate I = Important C = Critical |
|
c. 800 applications were tested against these patches using the ChangeBASE ACL (Application Compatibility Lab)
Security Update Detailed Summary
| MS09-001 | Vulnerabilities in SMB Could Allow Remote Code Execution (958687) |
| Description | This security update resolves several privately reported vulnerabilities in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. |
| Payload | Srv.sys |
| Impact | Remote Code Execution |
| MS08-072 | Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) |
| Description | This security update resolves eight privately reported vulnerabilities in Microsoft Office Word and Microsoft Office Outlook that could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
| Payload | Winword.exe, Wwlib.dll, Msword.olb, Wrd12cnv.dll, Wordcnv.exe |
| Impact | Remote Code Execution |
| MS08-076 | Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) |
| Description | This security update resolves two privately reported vulnerabilities in the following Windows Media components: Windows Media Player, Windows Media Format Runtime, and Windows Media Services. The most severe vulnerability could allow remote code execution. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
| Payload | Registry settings only |
| Impact | Remote Code Execution |
No comments:
Post a Comment