Patch Tuesday Analysis for October 2007
Four Critical and two Important security updates and if you care about your data in SharePoint one of those Important updates (MS07-059) should be Critical too. Most of you out there will be particularly concerned about the publicly disposed vulnerability fixes for Word, IE and SharePoint. The Word and IE related patches of course impact your workstations while SharePoint should impact relatively few servers on typical networks. Here’s something to think about: How many of you use an Application Service Provider for SharePoint? I do. I’m making sure they get this patch loaded ASAP and you should too. I’m finding more and more critical business data move into SharePoint.
As to the rest of the patches, unless your folks are big Kodak Image Viewer or Windows Mail/Outlook Express there’s no need to escalate MS07-055 or MS07-56. Same goes for MS07-058 unless you are worried about DOS attacks from insiders (e.g. college networks). My Fast Facts chart follows below.
| Bulletin | Exploit Types
/Technologies Affected | System Types Affected | Exploit
details public?
/ Being exploited? | Comprehensive,
practical
workaround
available? | MS severity rating | Products Affected | Notes | Randy's recommendation | MS07-055
923810 | Arbitrary code
/ Windows | Workstations
Terminal Servers
| No/No | No | Critical | Win2000
XP
Server 2003
| Kodak Image Viewer – Only affects XP and 2003 if it was upgraded from 2000 | Patch after testing | MS07-058
933729 | Denial of service
/ Windows | Workstations
Terminal Servers
Servers
Domain Controllers
| No/No | No | Important | XP
Win2003
Vista
Server 2003
| | | MS07-057
939653 | Arbitrary code
/ IE | Workstations
Terminal Servers
| Yes/No | No | Critical | Win2000
XP
Vista
Server 2003
| Cumulative update addresses several vulnerabilities | Patch after testing | MS07-056
941202 | Arbitrary code
/ Windows | Workstations
Terminal Servers
| No/No | Yes | Critical | Win2000
XP
Vista
Server 2003
| Outlook Express, Mail | Disable news protocol handler; Patch after testing | MS07-059
942017 | Privilege elevation
Information disclosure
/ Windows | Servers
| Yes/No | No | Important | Office Sharepoint Server 2007
Server 2003
| Sharepoint Server | Patch after testing | MS07-060
942695 | Arbitrary code
/ MS Word | Workstations
Terminal Servers
| No/Yes | No | Critical | Office 2000
Office XP
Office 2004 for Mac
| None | Patch after testing |
Receive Randy's same-day, independent analysis each Patch Tuesday
Email:
We will not share your address. Unsubscribe anytime.
|
"Thank you. I am very glad I subscribed to this newsletter.
Relevant content clearly and concisely. Finally!!!"
- John K.
"I really like the Fast Facts on this Month's Microsoft
Security Bulletins. Do you keep old copies? If yes, please let me know how I can
access them?"
-Susan D.
"Thanks, Randy. Your regular updates have streamlined my
monthly patching. Much appreciated,"
- Steve T.
"Really appreciate your patch observor. In the corporate
IT world, anything we can get our hands on that speeds the process of analyzing
threats and how they may or may not apply to our environments is a God-send.
Thanks so much for your efforts."
- Tess G.
"Many thanks for this Randy"
- Roger G.
"The chart is a REAAALLY good idea :)"
- Phil J.
"I like the table. Your insight is very valuable. "
Tom C.
"I liked your high level overview of patches in the
table. There are so many sources of patch information which can be very specific
or surrounded by other stuff that it’s refreshing to get everything summarised
like this. The “Randy’s Recommendation” comment is useful starting point too.
Please keep up the good work."
- David A.
"Your Patch Tuesday Observer is a very good tool in
making the decision whether to patch or not to patch. And also to patch asap or
to wait a while before patching. Also I do think the use of the table is realy
improving the readability of the provided information."
- Gerard T.
|