• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Microsoft Black Tuesday: Exploits for flaws in both Microsoft bulletins

January 11, 2011 By Corey Nachreiner

Microsoft has served this month’s patches, hot out of the oven. As expected, they only released two security bulletins, both of which affect Windows or a component that ships with it.

The more detrimental of the two bulletins fixes two Critical vulnerabilities in Windows’ Data Access components. In short, if an attacker can entice you to a malicious web page, he could exploit this to take over your computer. I would recommend you patch this one immediately. The second bulletin fixes a flaw in Vista’s Backup Manager. This flaw requires a bit more user interaction to exploit, but Vista users should still upgrade as soon as they can. You can find more details about today’s MS Patch Day releases here.

According to SANs, exploit code is available for the flaws both these bulletins fix, one of which anyone can download from the Exploit-db. Even though today’s Black Tuesday isn’t so black, I’d still recommend you install all of Microsofts updates as quickly as you can.

I’ll post a LiveSecurity alert that describes these bulletins in more detail, shortly. — Corey Nachreiner, CISSP

Share This:

Related

Filed Under: Uncategorized Tagged With: exploits, Microsoft, MS Patch Day, Updates and patches

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
  • TikTok is Banned, Kind Of
  • How Not to Update Software

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • How Not to Update Software
  • Naming APTs
  • TikTok is Banned, Kind Of
  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use