Seeing the rate at which companies have been successfully attacked by Java exploits while their users surf the web, I became increasingly alarmed and wondered how I was going to defend my own network. I had always known that Active Directory Group Policy could push out software, but I had never explored the option as I thought it sounded too involved.
The MS12-020 vulnerability for which Microsoft released a patch yesterday is about as bad as you can get. The vulnerability requires *no* authentication, can be exploited from *any network* that has connectivity to a Remote Desktop Protocol (RDP) service, and gives an attacker a full GUI at the super-user level (the SYSTEM account on Windows). Game. Over.
Another Adobe Acrobat vulnerability is being exploited in the wild. All versions up to and including 9.1.3 are vulnerable. The current exploit targets Acrobat and Acrobat Reader on Windows specifically, but all Acrobat variants (those for Linux and Mac OS X) are vulnerable. Apparently, using DEP (Data Execution Prevention) in Windows may thwart the attack (at the moment). DEP is an optional setting. Here is the Microsoft KB article about DEP, but their server is saying it’s “too busy” at the moment (4:11p). More information from the ISC is here.
Adobe is set to release an update on October 13. Until then, keep on your toes!
TRUE Network Security Monitoring customers: rest easier: if your resources are successfully attacked, we should see the results.
Well, installation wasn’t too bad. It took about 20 minutes or so. As a bonus, all of my settings seem to be intact and all of my programs continue to function properly. Even our corporate AV is working… I hope this isn’t premature, but: Good job, Microsoft.
So Vista SP2 is now available to the masses. I’ve downloaded it and am in the process of installing it. So far no problems, but it is claiming that my machine may reboot several times and the total installation time may be 1 hour or more. Here’s hoping the upgrade goes smoothly and I still have full functionality when the process completes…I’ll post my results here later today.