Microsoft is sending Windows Server admins some security love this month with a number of Patch Tuesday updates covering a large number of vulnerabilities.
This month's round of security fixes includes three critical updates and six important updates. All three critical updates address remote code execution vulnerabilities.
One critical update addresses 41 reported vulnerabilities in Internet Explorer (IE). These vulnerabilities could be exploited if end users visit a malicious website using the browser. All supported versions of IE are affected.
The larger number of vulnerabilities is likely because there were no fixes in last month's batch of patches, said Wolfgang Kandek, CTO of Qualys, Inc., a cloud security and compliance software provider based in Redwood Shores, Calif.
There is one publicly exploited vulnerability, which would be used in conjunction with another exploit, Kandek said.
Another critical fix addresses a Group Policy vulnerability in Windows Server. The vulnerability could be exploited if end users with a domain-configured system connect to a network the attackers already control. Windows Server 2003 and higher as well as Windows 7 and higher are affected.
However, Windows Server 2003 did not receive a patch, because issuing an update would require re-architecting "a very significant amount" of the operating system, the company said in an update FAQ. The company added that workstations connected to untrusted networks are most at risk for this vulnerability.
Group Policy patches are a rarity for the company, Kandek said.
"Group Policy is only used within companies, you'd have to pose as the domain," Kandek said. "It would have to be used in conjunction with another exploit."
Kandek said he anticipates that there could be more exploits in the realm of Group Policy down the line.
The final critical update fixes six kernel-mode driver vulnerabilities in multiple versions of Windows and Windows Server. These vulnerabilities could be exploited if end users open malicious documents or websites with TrueType fonts embedded in them.
There are six important fixes in this round of Patch Tuesday updates that address a number of vulnerabilities. Another Group Policy fix addresses a security feature bypass vulnerability affecting multiple versions of Windows Server. The vulnerability could be exploited if attackers corrupt a policy file in the Group Policy Security Configuration Engine, forcing Group Policy settings to revert to a potentially less secure status.
Another important update includes a fix for an elevation of privilege vulnerability in Virtual Machine Manager (VMM). The vulnerability could be exploited if attackers log on to the system using valid Active Directory logon credentials. This update only affects System Center 2012 R2 VMM Update Rollup 4.
Other important updates address vulnerabilities in Office, Windows and the Microsoft Graphics component. The complete list of this month's security fixes can be found here.