Microsoft August 2010 Patch Tuesday
Published Aug 12, 2010
Microsoft has issued 14 security bulletins which address 34 vulnerabilities, 12 of which Microsoft has rated as critical. This represents a record number of bulletins issued in a single month, and ties the record for total vulnerabilities addressed.
“The SMB pool overflow vulnerability should be a real concern for enterprises,” said Joshua Talbot, security intelligence manager, Symantec Security Response. “Not only does it give an attacker system-level access to a compromised SMB server, but the vulnerability occurs before authentication is required from computers contacting the server. This means any system allowing remote access and not protected by a firewall is at risk.”
“Best practices dictate that file or print sharing services, such as SMB servers, should not be open to the Internet,” Talbot added. “But such services are often unprotected from neighboring systems on local networks. So, a cybercriminal could use a multi-staged attack to exploit this vulnerability. Such an attack would likely start by compromising an employee’s machine via a drive-by download or socially engineered email, and would end by using that compromised computer to attack neighboring machines on the same local network that have the SMB service running.”
“This issue affects more than just file servers using the SMB service,” Talbot concluded. “Workstations that have enabled file and print sharing are also at risk. Laptops with this configuration that connect to untrusted networks, such as public Wi-Fi, or that allow ad hoc connections could be attacked by neighboring computers. The user could then unwittingly carry their infected system back to the enterprise, opening the door to an organization’s entire network.”
Symantec strongly encourages users to patch their systems against all vulnerabilities addressed this month.
Please visit the Symantec Security Response blog for more information and also let me know if you’re interested in speaking with a Symantec expert in greater detail about any of the vulnerabilities addressed this month.
The Symantec Security Response blog can be viewed here:
http://www.symantec.com/connect/symantec-blogs/sr
Additional information on Microsoft’s security bulletins can be found here:
http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx
Rachel Watts
The Portsmouth Group
T: +971 4 369 35757
E: Rachel.watts@theportsmouthgroup.com
Symantec@theportsmouthgroup.com
Posted by
VMD - [Virtual Marketing Department]