We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Microsoft Patches XML Flaw Under Attack and 15 More Vulnerabilities

Microsoft released nine security bulletins, including updates to patch an XML flaw actively under attack, and vulnerabilities in IE 9.

It's the second Tuesday in July, and you know what that means: it's Microsoft Patch Tuesday. Today, Microsoft released nine new security bulletins as predicted in the advance notice last week. Some updates are more urgent than others, though, so we turn to security experts for insight and analysis to help guide your patching efforts.

Of the nine security bulletins, three are rated as Critical while the remaining six are ranked as merely Important. Of course, Important still suggests a sense of urgency that shouldn't be ignored.

The three Critical bulletins address the vulnerability in Windows XML core services, and flaws in Internet Explorer 9 and Microsoft Data Access Components (MDAC). The Important updates fix a range of issues affecting Windows, Office, Office for Mac, and SharePoint.

Qualys CTO Wolfgang Kandek states in a blog post, "Of the three bulletins rated critical, the top priority goes to MS12-043 that addresses the MSXML vulnerability, which has been under attack for the last 30 days."

Andrew Storms, director of security operations for nCircle, agrees. Storms notes that the XML flaw is already included in a variety of exploit toolkits, and attacks are circulating in the wild. Storms adds, "If you are paying close attention, you'll notice that the XML version 5 patch for the bug isn't shipping today. The fix for this version is probably not ready yet, so Microsoft decided to deliver the other patches. So far, all the attacks in the wild utilize XML version 3, so this release, even though not totally complete, seems like a no-brainer."

Marc Maiffret, co-founder of eEye Digital Security and now CTO at BeyondTrust, points out, "Internet Explorer 9 is not only the "faster browser" this month but the fastest way to get you owned. MS12-044 specifically covers a critical vulnerability that affects only Internet Explorer 9."

Maiffret finds it interesting that both MS12-043 and MS12-044 (the patches for XML and IE9) also affect the Windows 8 Release Preview. He stresses that we don't really know if an exploit would be as straightforward on the new OS given new and improved security controls, but notes the fact that two out of nine security bulletins also affect the upcoming flagship OS may be a harbinger of things to come.

"Of the Important bulletins, MS12-046 and MS12-048 should be next on everyone's "Must Patch" list," according to Marcus Carey, a security researcher with Rapid7. Carey adds, "MS12-046 and MS12-048 can both exploit victims who navigate to malicious WebDAV or SMB shares and opens malicious files in the malicious directory. These two bulletins are primed for spear phishing attacks."

As with every Patch Tuesday, the prioritization of updates, and the degree of urgency with which the patches are implemented will vary from one organization to the next. Examine the Microsoft security bulletins, and install the updates that affect your systems as soon as possible.

IDG UK Sites

Samsung Galaxy S6 release date, features and specs rumours: When will the Galaxy S6 come out?

IDG UK Sites

Why people aren't upgrading to iOS 8: new features are for power users, not the average Joe

IDG UK Sites

Free rocket & space sounds: NASA launches archive of interstellar audio on SoundCloud

IDG UK Sites

iPad Air 2 review: Insanely fast and alarmingly thin. Speed tests, camera tests, beautiful...