November security updates from Microsoft

Microsoft released four security bulletins this afternoon (one critical, two important and one moderate) as part of its regular monthly release cycle.

Missing from today’s bulletins is a patch for the vulnerability exploited by Duqu. Microsoft has said it is working diligently on that patch.

Below is analysis from McAfee and Symantec:


“Though there is no patch to address the zero-day vulnerability exploited by the Duqu Trojan, Microsoft did release a temporary workaround for the bug on Nov. 4,” said Jim Walter, manager of the McAfee Threat Intelligence Service (MTIS) at McAfee Labs. “The release of Security Advisory 2639658 is the first in which Microsoft is posting MAPP partner protection details, and McAfee is one of the vendors who have released protections within 48 hours of the announcement of the Microsoft Security Advisory. IT administrators should ensure that they implement both today’s patches and take note of the workaround, in order to prevent the Duqu Trojan from doing more damage.”


“Although today’s patch update is fairly small, it is possible we will see an upcoming out-of-band patch for the zero-day vulnerability used in the Duqu installer,” said Joshua Talbot, security intelligence manager, Symantec Security Response. “Microsoft recently published a security advisory as well as a temporary fix and is currently investigating the vulnerability. In addition to implementing the temporary fix, IT departments and end users should also remain vigilant in following standard security best practices.

“The Reference Counter Overflow Vulnerability from this month’s update is probably the most concerning of the bunch,” Talbot concluded. “We estimate an attack attempting to leverage it would take a considerable amount of time; perhaps 4 to 5 hours to complete a single attack. However, if an attacker can pull it off the result would be a complete system crash or compromise if the attacker develops a reliable means of exploitation.”

--Bill Brenner
