After a relatively quiet couple of months in terms of patches, Microsoft came back in full force on Tuesday with fixes for three zero-day vulnerabilities, which administrators should attend to as soon as possible. The software maker issued a total of eight security bulletins covering about 24 vulnerabilities discovered in Internet Explorer, Windows, the .NET Framework and Microsoft Office. Three of the eight bulletins were rated critical, which means that administrators should test and apply those patches immediately. A single bulletin can cover several vulnerabilities in one technology.
Attackers are already exploiting three of these vulnerabilities, which is why they are called zero-day vulnerabilities in the first place. This is the first time in recent history, or maybe ever, that Microsoft has fixed three zero-day vulnerabilities in a single round of patches, which the company typically issues on the second Tuesday of every month. The most dangerous and notorious of the three vulnerabilities is ‘Sandworm’, which exists in Microsoft Windows and has already been exploited in attacks on several European government agencies including NATO, as well as energy companies and telecommunication firms.
This bug is fixed by one of the bulletins issued by the software giant, MS14-060. Microsoft rated it important rather than critical because the attack is only effective if the user clicks the file. However, security analysts rank this vulnerability as far more severe than the company does, because they believe it is quite easy to trick users into clicking a file such as a PowerPoint presentation. With a well-crafted script, that click would be all a hacker would need to gain access to any network.
‘Sandworm’ is a good reminder to administrators that they should set correct user permissions on desktop computers and laptops, which means that an end user should not be given full administrative privileges on the device. The second zero-day flaw is a problem in Internet Explorer, and it is fixed by MS14-056. An attacker could use this vulnerability to break out of Internet Explorer's sandbox. MS14-058 addresses the third zero-day flaw, which also exists within Windows. It concerns the way the operating system's kernel drivers handle TrueType fonts.
An attacker can embed malicious code in a TrueType font. When a user visits a website containing such a font, Windows downloads the font package and the system automatically executes the code buried in it. Nonetheless, it is not just the patches from Microsoft that will keep administrators busy. They also have patches from Oracle and Adobe to deal with: Adobe has released a set of patches, while Oracle is preparing to release some patches for its enterprise software.