Microsoft's Patch Tuesday deals with Badlock Bug
Industry experts weigh in on what they think of this Patch Tuesday
Microsoft has moved to fix 13 problems affecting its products, including a patch for the infamous Badlock bug that has been plaguing Samba.
The update addresses a number of issues, six of which are classified as critical.
As noted in Microsoft's bulletins, 31 specific vulnerabilities were dealt with today's patch. All of which were problems that could have resulted in remote code execution, elevation of privilege, denial of service or a security feature bypass with the absence of the patch.
Eight of the flaws are associated with Badlock, but experts are mostly in agreement that things are not as bad as initially thought.
The vulnerability (MS16-047 / CVE-2016-0128) is a man in the middle (MITM) attack on specific RPC traffic. An attacker that's properly placed can listen in on RPC traffic and force a session to downgrade its authentication level.
"This allows a basic hijack of the session and a privilege escalation that could allow an attacker to full access to administrative tasks and the user database (SAM) on the remote server," said Trustwave's threat intelligence manager Karl Sigler.
"This is certainly a concern and admins should patch their systems as early as possible. However, I can't say that this vulnerability rises to any level that deserves the focus that a dedicated website and three weeks of buildup have given Badlock."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
MS16-037 is a cumulative security update for Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user, according to Siglar.
There was also a cumulative update for the Edge browser too. MS16-038 could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.
There were also updates for the Microsoft Graphics Component (MS16-039) that affected editions of Microsoft Office 2007 and Microsoft Office 2010. There was also an update for Microsoft XML Core Service, rated critical, on all supported releases of Microsoft Windows.
Other updates covered the .NET Framework, Office, Windows OLE, Hyper-V and a host of other security issues.