Patch Analysis for November 2010

Everyone responsible for workstation security should pay close attention to MS10-088 an MS10-087. These vulnerabilities allow arbitrary code to be executed through email – in the case of the Word vulnerability (MS10-087) – just reading an email could trigger the code. Moreover, exploit details have already been published so actual attacks can’t be far away. I would say this patch is a candidate for abbreviated testing. Also check with your AV vendor to confirm they can cover you until the patch rolled out. For that matter Microsoft rates all three vulnerabilities as likely for the development of consistent exploit code.

Unless you are running UAG (Unified Access Gateway), which a new and cool way to provide remote users with transparent access to everything on your network without a VPN, you don’t need to worry about MS10-89. Or do you? There is some confusion about Intelligent Application Gateway (previous version and name of UAG) and whether it is affected. Obviously if you are using either, carefully analyze this bulletin.
Finally, I would like you to note that 2 of this month’s 3 vulnerabilities are multi-platform, affecting Office on both Windows and the Mac. That’s par for the course in today’s multi-platform, multi-vendor “patchscape”. Security patching used to be basically just Windows and Microsoft but now its Windows, Linux, Unix, Mac and not just Microsoft but Adobe, Sun, Apple and more. I discuss how to deal with the new challenges and risks this presents in my blog post: Keeping up with the changing landscape of patch management.
Now for the chart:

Receive Randy's same-day, independent analysis each Patch Tuesday

We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.


Additional Resources