It was a busy day for IT administrators and information security professionals. Not only was yesterday Microsoft's Patch Tuesday for the month of April, it is also the day of Adobe's quarterly security updates. In total, they addressed 40 vulnerabilities -- many of them rated as critical and exposing systems to potential remote exploits.
Microsoft Patch Tuesday
A Microsoft spokesperson emailed the following "Today, as part of its routine monthly security update cycle, Microsoft is releasing 11 security bulletins to address 25 vulnerabilities: five rated Critical, five rated Important and one rated Moderate. This month's release affects Windows, Microsoft Office, and Microsoft Exchange. Additionally, the Malicious Software Removal Tool (MSRT) was updated to include Win32/Magania."
[ Windows 7 is making huge inroads into business IT. But with it comes new security threats and security methods. InfoWorld's expert contributors show you how to secure the new OS in the "Windows 7 Security Deep Dive" PDF guide. ]
Qualys CTO Wolfgang Kandek noted in his blog post "Microsoft's patch release for April contains 11 bulletins covering 25 vulnerabilities. The bulletins address a wide array of operating systems and software packages, IT administrators with a good inventory of their installed base will have an easier time to evaluating which machines need patches."
"The critical Microsoft WinVerifyTrust signature validation vulnerability can be used to really enhance social engineering efforts," said Joshua Talbot, security intelligence manager, Symantec Security Response in an emailed statement. "Targeted attacks are popular and since social engineering plays such a large role in them, plan on seeing exploits developed for this vulnerability."
Talbot continued "It allows an attacker to fool Windows into thinking that a malicious program was created by a legitimate vendor. If a user begins to download an application and they see the Windows' notification telling them who created it, they might think twice before proceeding if it's from an unfamiliar source. This vulnerability allows an attacker to force Windows to report to the user that the application was created by any vendor the attacker chooses to impersonate."