Patch Tuesday October 2011 – 8 bulletins, 2 critical

Security vulnerabilityMicrosoft have released 8 security bulletins covering 23 vulnerabilities for the October 2011 Patch Tuesday.

Microsoft’s advice this month is a bit confusing, but I will attempt to explain these bulletins to help you make decisions regarding their importance.

Two of the bulletins are rated critical. One impacts all supported versions of Internet Explorer (MS11-081) and could allow remote code execution if a user visits a specially crafted malicious webpage.

All eight vulnerabilities in IE were privately reported, but Microsoft is warning that the flaws are easily exploitable.

The second critical bulletin (MS11-078) affects Microsoft .NET and Silverlight. This bulletin also allows for remote code execution and was privately disclosed.

Microsoft warns it has a high exploitability index and impacts both endpoint computers with .NET/Silverlight installed and some IIS servers with ASP.NET.

Five of the remaining six vulnerabilities are rated important, but also have a high exploitability index. Affected software includes Windows XP/2003/2008/Vista/7/2008R2, Windows Media Center and Forefront Unified Access Gateway.

The last bulletin affects Microsoft Host Integration Server and is rated important with a low exploitability index. This doesn’t mean this update should be ignored, but certainly is a lower priority for deployment than the others.

I will stop writing now so you can start deploying these updates. Keep in mind that most attacks these days are not against zero day vulnerabilities, but things that are already patched. The sooner you can send out the patches, the safer you will be.

SophosLabs have rated the vulnerabilities in Windows, Media Center and .NET/Silverlight as high, Forefront and Internet Explorer as medium and Host Integration Server as low.