Patch MS12-027 Now--Zero Day Flaw Being Actively Exploited
Microsoft released six security bulletins for Patch Tuesday, including MS12-027--a Critical fix for a flaw attackers are already exploiting.
PC World - Today is the second Tuesday of April, and that means it's Microsoft Patch Tuesday time. This month Microsoft released a total of six new security bulletins, but one in particular deals with a zero-day vulnerability impacting virtually every Microsoft user, which is already being exploited in the wild.
Four of the six security bulletins are rated as Critical by Microsoft, with the remaining two ranked as Important. The Critical security bulletins include a fix for Windows and the .NET Framework, as well as the perennial favorite--the cumulative update for Internet Explorer. The biggest deal, though, is MS12-027, which addresses a critical flaw in Windows Common Controls.
Andrew Storms, director of security operations for nCircle, declares MS12-027 is the "deploy now" patch of the month. The Windows Common Controls are widely used throughout the Microsoft ecosystem, so there isn't much that isn't potentially impacted by this one.
Storms adds, "It gets worse: Microsoft has already seen exploits for this vulnerability in the wild in limited attacks."
In a blog post, VMware's Jason Miller explains that the MS12-027 flaw can be exploited by simply visiting a malicious website using Internet Explorer, or by opening a file attachment with an embedded malicious ActiveX control.
Miller agrees with Storms, and emphasizes, "As Microsoft has already seen active exploits against this vulnerability and it contains a Web browsing scenario, it will be critical to push this patch out to your desktop systems as soon as possible."
Wolfgang Kandek, CTO of Qualys, also puts MS12-027 at the top of the priority list. Kandek cautions that not only are exploits already out there in the wild, but malware developers will likely target the vulnerability even more now that they can reverse-engineer the patch.
nCircle's Tyler Reguly warns that the scope of this threat, and the work involved in patching affected applications, may be overwhelming for some businesses. He stresses, "This bulletin is a great example of why developers should use shared libraries wherever possible. This should be a simple Windows patch but instead we're seeing every affected application patch the problem independently."
Again, Miller concurs. He says that software developers are going to have to be diligent about reviewing the details of this bulletin and addressing any issues it may present for applications they have written.
Miller clarifies, "Any developer that has released an ActiveX control should review the information for this security bulletin. These developers may need to release updates to their own software to ensure they are not using a vulnerable file in their ActiveX control."
With all of the attention on MS12-027, though, don't lose sight of the fact that there are three other Critical security bulletins to address as well, and Important security bulletins shouldn't be ignored. Review all of the security bulletins and prioritize them to deploy all of the applicable updates as quickly as possible.