December Microsoft Security Bulletins

Filed Under: SophosLabs, Vulnerability

It seems that November was quite a busy month for people in Microsoft Security Response Center, finalizing the set of latest security patches. It is a bit worrying that vulnerabilities in 7 out of 8 published bulletins could be used to launch malware attacks.

We in SophosLabs are particularly interested in MS08-072 and MS08-074 as both Word and Excel documents were frequently used to deliver various information stealing malware. Luckily Sophos malware detection engine contains some new functionality that allows us to deal with most of the maliciously malformed compound documents and we are writing the detection for potentially maliciously malformed files as I write this blog post. The intention is, as always, is to protect all users before the real threat appears in the wild. We have also written our own vulnerability analyses which you can access from the Latest vulnerabilities analysis page.

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Vanja is a Principal Virus Researcher in SophosLabs. He has been working for Sophos since 1998. His major interests include automated analysis systems, honeypots and malware for mobile devices. Vanja is always ready for a good discussion on various security topics.