Friday, April 10, 2009

Five 'Critical' Patches Planned for Tuesday

After some comparatively light patch rollouts in past months, Microsoft's April Patch Tuesday promises a fuller slate with eight security bulletins. Five are rated "critical" and two "important," with one rare "moderate" patch.

This month's round of security updates may have the most girth of any since October. The rollout is expected to include hotfixes for Windows programs and services, DirectX, and ubiquitous Microsoft applications such as Internet Explorer (IE), Excel and Word. All of the critical items have remote code execution implications. The important items are designed to stop two instances of elevation-of-privilege incursions. Finally, the moderate patch protects against denial-of-service attacks.

Critical Fixes
The first critical bulletin is described as a Windows fix and affects Windows 2000, XP and Windows Server 2003. Meanwhile, the second critical Windows patch touches on all supported Windows client and server OSes.

The third critical fix deals with the DirectX versions 8.1 and 9.0 running on Windows 2000, XP and Windows Server 2003. DirectX consists of application programming interfaces used for multimedia on Windows-based PCs, including game, video and audio applications.

The fourth critical fix expected on Tuesday will update IE versions 5.01, 6 and 7 running on Windows 2000, XP and Vista, as well as Windows Server 2003 and Windows Server 2008. IE has been at the center of recent hacker activity affecting older versions of the browser, plus the recent IE 8.

The fifth critical bulletin to come will fix Excel, affecting Microsoft Office 2000, 2003, 2007 and XP, along with Office 2004 and 2008 for Macs. Security analysts speculate that this Excel fix could be related to a hole in the popular spreadsheet app for which Microsoft issued a security advisory in February. That advisory warned users that exploits were in the wild, potentially affecting all supported versions of Excel.

Important and Moderate Items
The first important fix for this month will pertain to Microsoft's Distributed Transaction Coordinator (MSDTC). The MSDTC is a Windows-based administrative tool that acts as a conduit for information and commands passed over the network via resource managers, SQL Server databases and various other file systems. This fix updates the MSDTC facility program across every supported Windows OS. It's designed to block hackers from infiltrating a system and upping their administrative privileges to change MSDTC configurations, Microsoft says.

The second important fix will affect Microsoft's Forefront Edge Security platform and the Internet Security and Acceleration (ISA) Server. ISA is a server application deployed to stave off malware and firewall-compromising attacks. This fix is supposed to deflect a denial-of-service onslaught where hackers can change access control parameters and lock enterprise administrators out of these programs.

Finally, the lone moderate item in the rollout will affect all Windows OSes and is designed to circumvent elevation-of-privilege attacks.

All of the eight patches may require restarts.

IT pros interested in nonsecurity updates channeled through Windows Update, Microsoft Update and Windows Server Updates can find support in this Knowledge Base article. It provides guidance on IE 8 system updates, along with junk-mail filter upgrades and malicious software removal tool tweaks.

Zend Releasing Enterprise-Grade PHP Server