So last month’s Patch Tuesday was pretty quiet on the Microsoft front.Â Not so lucky this month with a total of 13 bulletins, 5 critical, 7 important.Â And one for MS Paint.Â That’s right, Paint.Â Looks like I’ll have to put down the little spray paint tool for a bit. The others include patches for Office (2 of them), SMB (2 more), an update of ActiveX killbits, IPv6 stack vulnerabilities, Hyper-V, ShellExecute, Client/Server Run-time, Kerberos and the Windows Kernel.
Oracle has also released an out-of-band patch this week for a problem with their WebLogic Node Manager.Â Also in the Oracle world, David Litchfield demonstrated a 0-day against Oracle’s 11g database server.Â It doesn’t appear there is a patch available yet, so check the links for mitigation info.
Samba also has a post regarding a zero day attack for a directory traversal issue via symlinks.Â I’ve included both a post on the vulnerability and a link to a post by the Samba developers.Â On one hand, yes it does look a configuration error by an admin.Â At the same time, it is the default configuration.Â I’ll leave it to you to decide.Â Besides, it never hurts to double check those smb.conf’s.
In an ongoing theme of malware in App Stores, or Market Places, or Galleries, it looks like two pieces of malware made it onto the Add-on site.Â One is a password sniffer disguised as video downloader, and the other contained a backdoor.
Additionally there are some updates available for LANDesk Management Gateway which fixed a problem which allows an attacker to run commands as root.
- Microsoft: Patch Tuesday
- Oracle: Security Alert for WebLogic Server (CVE-2010-0073)
- Oracle: 0-day in Oracle 11G
- Samba: symlink attack 0-day (Samba’s response here)
- Mozilla: Malware in the add-ons
- LANDesk: Management Gateway command injection vulnerability