01-10-13 | Blog Post
In January’s Microsoft security updates, there are two critical patches to speak of. The first is a vulnerability in Windows Print Spooler components, where a print server that receives a specially crafted print job could allow for remote code execution. This patch does require a restart, and is relevant for all supported editions of Windows 7 and Windows Server 2008 R2.
The second update is for vulnerabilities found in Microsoft XML Core Services. If a user views a specially crafted webpage using Internet Explorer, an attacker could potentially accomplish a remote code execution. This would be coupled, likely, with an email encouraging users to go to to this webpage. This patch may or may not require a restart.
This update affects Microsoft XML Core Services 3.0, Microsoft XML Core Services 4.0, and Microsoft Core Services 6.0 on all editions of Windows XP, Vista, Windows 7, Windows 8, and Windows RT among others, (check the bulletin for the full list of affected softwares).
The other five updates are all categorized as ‘important’, including three elevation of privilege vulnerabilities, a security feature bypass possibility in Windows, and a weakness in the Open Data Protocol that could allow, with a specially crafted HTTP request to an affected site, a denial of service attack.
One concern that many are having is the lack of an update for the zero-day Internet Explorer vulnerability that’s been the source of a watering hole attack against the Council of Foreign Relations. Microsoft has stated that they’re currently working on an update, and that it will be released as soon as possible. In the meantime, there is a Fix-IT that IE 6, 7, and 8 users can implement, and Microsoft urges their customers to upgrade to IE 9 or 10 that are currently unaffected.