October Microsoft Security Bulletins

Filed Under: SophosLabs, Vulnerability

During the last couple of days we had a chance to analyse the latest vulnerabilities patched by Microsoft in the October Security Bulletin and create a set of our own advisories for vulnerabilities that are most likely to be used by malware writers:

MS08-057. Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)

MS08-058. Cumulative Security Update for Internet Explorer (956390)

MS08-059. Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)

MS08-060. Vulnerability in Active Directory Could Allow Remote Code Execution (957280)

There was one crucial difference from the previous months. It was the first month we received technical information about announced vulnerabilities in advanced of the public release, thanks to Microsoft Security Response Team and the MAPP program created for security vendors as we announced yesterday.

I see this as a significant step forward in providing protection for our mutual customers as well as an opportunity to cooperate closely with other security companies. Although this is the first MAPP release I can already say that the provided information is very useful as it allows us to automate exploit recognition process in incoming malware samples and publish advanced protection when required.

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Vanja is a Principal Virus Researcher in SophosLabs. He has been working for Sophos since 1998. His major interests include automated analysis systems, honeypots and malware for mobile devices. Vanja is always ready for a good discussion on various security topics.