Happy new year, and welcome to another edition of the patch Tuesday summary blog. There is a lot to celebrate this month, because after last month’s large set of patches, this month there a mere three vulnerabilities patched across two bulletins. With such a small drop, there is space for me to go through each of the vulnerabilities one by one:
This is another of those DLL loading vulnerabilities I’ve been mentioning for the past few months. These are continuing to trickle out, although at a much lower rate than last year. As is standard with this class of vulnerability, opening certain file types can cause DLLs to be loaded from the same directory the file is contained in. If an attacker controls that directory, they can execute arbitrary code via a malicious DLL. SMB and WebDAV shares are the remote network vector for these vulnerabilities.
This is a slightly tricky issue, because the vulnerability isn’t in any named Microsoft products, but rather an API that could be used by third party applications, rendering them vulnerable. Are your applications vulnerable? It’s hard to know, so best to apply this patch defensively.
This vulnerability is one of those “don’t go to the wrong website” issues. A malicious web page can use this memory allocation flaw in the MDAC library to execute arbitrary code inside Internet Explorer.
As we do every month, we’ve released a signature update to address the vulnerabilities fixed in today’s patches.
Discussing a wide range of topics impacting enterprises and
data center security.