Home » Internet

Patch your Windows and Cisco equipment this week

By 8 September 2009 No Comment

There were a number of critical security updates released by Microsoft this week covering Windows vulnerabilities in web browsing, TCP (necessary to connected to the Internet), and wireless connectivity.  The wireless vulnerability seems to apply to any computer with a W-Fi network adapter it basically affects all notebooks, netbooks, and even some desktop or server systems.

The TCP vulnerabilities affect every implementation of TCP across all hardware and software devices that connect to the Internet or use TCP and it affects products from all companies.  Microsoft and Cisco happen to be two of the first companies to patch their software and hardware and it would be advisable for everyone to apply the patch.

There were three additional zero-day vulnerabilities (security issues that have been disclosed but no patch is available) affecting Microsoft products this month.  There’s a remote code execution vulnerability (something that allows a hacker to take over your computer) affecting the File Transfer Protocol (FTP) service Internet Information Server (IIS) 5.0 and 6.0, and then there is also a Denial of Service (DoS) vulnerability affecting the FTP service in IIS 5.0, 6.0 and 7.0.  Windows Server 2008 customers can apply the free FTP 7.5 update which is unaffected.  Pre Windows 2008 customers should disable anonymous FTP write access to mitigate the issue until a patch is available.

The last zero-day vulnerability in Microsoft’s SMB service (which facilitates file sharing) can lead to code execution on Windows Vista but it seems to only cause Windows 7 to crash or reboot.  The vulnerability is blocked by default on most broadband connections which use routers with Network Address Translation (NAT) and it is blocked by default in Windows Vista and Windows 7 by the Windows Firewall.  If file sharing is enabled on the firewall, then it will not block exploitation of the vulnerability.  However, Vista and Windows 7 will generally block the attack from the Internet while allowing it on the local network (the network inside your own home or business).

Comments are closed.