Patch Tuesday Analysis for June 2008
All of this month's patches deal with Windows vulnerability but run the gamut in system types from workstations to domain controllers. The only 2 publicly disclosed vulnerabilities are workstation-type security holes and they aren't currenlty being used in attacks so do your testing but don't delay getting the patches deployed. The server and domain controller security holes are either privilege elevation or denial of service risks so I'm not viewing those as super urgent. Follow your normal testing.
Below is the fast facts table on all of the patches to help your impact analysis:
| Bulletin | Exploit Types
/Technologies Affected | System Types Affected | Exploit
details public?
/ Being exploited? | Comprehensive,
practical
workaround
available? | MS severity rating | Products Affected | Notes | Randy's recommendation | MS08-034
948745 | Privilege elevation
/ WINS Server | Servers
| No/No | No | Important | Win2000
Win2003
| None | Patch after normal testing | MS08-031
950759 | Arbitrary code
Information disclosure
/ Internet Explorer | Workstations
Terminal Servers
| Yes/No | No | Critical | Win2000
XP
Win2003
Vista
Win2008
| None | Patch ASAP after minimum testing | MS08-032
950760 | Arbitrary code
/ Microsoft Speech API | Workstations
Terminal Servers
| Yes/No | Yes | Moderate | Win2000
XP
Win2003
Vista
Win2008
| See Death of an ActiveX Control on my site for automating workaround, Vista SP1 immune | Implement workaround or patch after minimun testing | MS08-036
950762 | Denial of service
/ PGM, MSMQ | Workstations
Servers
| No/No | No | Important | XP
Win2003
Vista
Win2008
| Computers with MSMQ or are running a PGM-supported application | Patch if concerned with DOS attacks on internal network | MS08-030
951376 | Arbitrary code
/ Bluetooth stack | Workstations
| No/No | Yes | Critical | XP
Vista
| Physical proximity apparently required | Disable Bluetooth or patch after testing | MS08-033
951698 | Arbitrary code
/ DirectX | Workstations
Terminal Servers
| No/No | Yes | Critical | Win2000
XP
Win2003
Vista
Win2008
| Use startup scripts to run workaround commands | Implement workaround or patch after normal testing | MS08-035
953235 | Denial of service
/ AD and ADAM | Domain Controllers
| No/No | No | Important | Win2000
XP
Win2003
Win2008
| DCs and ADAM servers | Patch if concerned with DOS attacks on internal network |
Receive Randy's same-day, independent analysis each Patch Tuesday
Email:
We will not share your address. Unsubscribe anytime.
|
"Thank you. I am very glad I subscribed to this newsletter.
Relevant content clearly and concisely. Finally!!!"
- John K.
"I really like the Fast Facts on this Month's Microsoft
Security Bulletins. Do you keep old copies? If yes, please let me know how I can
access them?"
-Susan D.
"Thanks, Randy. Your regular updates have streamlined my
monthly patching. Much appreciated,"
- Steve T.
"Really appreciate your patch observor. In the corporate
IT world, anything we can get our hands on that speeds the process of analyzing
threats and how they may or may not apply to our environments is a God-send.
Thanks so much for your efforts."
- Tess G.
"Many thanks for this Randy"
- Roger G.
"The chart is a REAAALLY good idea :)"
- Phil J.
"I like the table. Your insight is very valuable. "
Tom C.
"I liked your high level overview of patches in the
table. There are so many sources of patch information which can be very specific
or surrounded by other stuff that it’s refreshing to get everything summarised
like this. The “Randy’s Recommendation” comment is useful starting point too.
Please keep up the good work."
- David A.
"Your Patch Tuesday Observer is a very good tool in
making the decision whether to patch or not to patch. And also to patch asap or
to wait a while before patching. Also I do think the use of the table is realy
improving the readability of the provided information."
- Gerard T.
|