Symantec VoR - Microsoft March 2011 Patch Tuesday
Good afternoon,
Today, Microsoft issued three security bulletins which address four vulnerabilities. Only one of these vulnerabilities has been rated critical by Microsoft.
“The lone critical issue this month – the DVR-MS vulnerability – will be somewhat trivial for attackers to exploit,” said Joshua Talbot, security intelligence manager, Symantec Security Response. “It also allows attackers to skip a few of the traditional steps needed to get malicious code to execute on a targeted computer. This is because when processing DVR-MS files, Windows Media Player and Media Center use data in these files themselves to determine what code in memory gets executed. This allows an attacker to jump directly to executing malicious code.”
“To exploit this issue a user has to open a malicious file, so some social engineering would need to be employed,” Talbot added. “However, because DVR-MS files are media files used by common Windows applications, it’s not hard to imagine a scenario where an attacker spreads a malicious file purporting to be a video clip related to some popular current event.”
“The other vulnerabilities fixed this month all relate to the DLL issues Microsoft has been working to address for some time now,” Talbot concluded. “These are fairly easy to exploit, but because an attack would require a user to take some fairly uncommon steps – such as opening up malicious files from SMB or WebDAV servers – they’re less likely to pose a serious threat.”
Symantec strongly encourages users to patch their systems against all vulnerabilities addressed this month.
Please visit the Symantec Security Response blog for more information and also let me know if you’re interested in speaking with a Symantec expert in greater detail about any of the vulnerabilities addressed this month.
The Symantec Security Response blog can be viewed here:
http://www.symantec.com/connect/symantec-blogs/sr
Additional information on Microsoft’s security bulletins can be found here:
http://www.microsoft.com/technet/security/bulletin/ms11-mar.mspx
Best,
Elana
Elana Ziluk
Account Coordinator | MAVERICK Public Relations
(416) 640-5525 x 243 | 37 Madison Avenue | Toronto | M5R 2S2
w: maverickpr.com | t: MAVERICK_PR