October Microsoft Security Bulletins

During the last couple of days we had a chance to analyse the latest vulnerabilities patched by Microsoft in the October Security Bulletin and create a set of our own advisories for vulnerabilities that are most likely to be used by malware writers:

MS08-057. Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)

MS08-058. Cumulative Security Update for Internet Explorer (956390)

MS08-059. Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)

MS08-060. Vulnerability in Active Directory Could Allow Remote Code Execution (957280)

There was one crucial difference from the previous months. It was the first month we received technical information about announced vulnerabilities in advanced of the public release, thanks to Microsoft Security Response Team and the MAPP program created for security vendors as we announced yesterday.

I see this as a significant step forward in providing protection for our mutual customers as well as an opportunity to cooperate closely with other security companies. Although this is the first MAPP release I can already say that the provided information is very useful as it allows us to automate exploit recognition process in incoming malware samples and publish advanced protection when required.