Black Tuesday and Reboot Wednesday?

Wednesday, May 13, 2009

Patch Tuesday also known as Black Tuesday is the 2nd Tuesday of each month that Microsoft releases their monthly patches to the public. These patches cover Microsoft's main software including all of their operating systems and Office products. This patch Tuesday we only saw 1 patch released by Microsoft for 14 PowerPoint vulnerabilities! Along with Microsoft releasing this patch, Adobe has also released a patch for their Reader and Acrobat product, and Apple released the Mac OS X 10.5.7 patch.

Why Black Tuesday and Reboot Wednesday? Well when companies release patches they disclose the vulnerabilities they fix, cool right? Kind of, when all of these companies decide to patch their systems the same day it might not be feasible to us IT and Security professionals to patch all of our systems the same day. These leaves published, known vulnerabilities out in the wild to millions of systems that have not been patched hence the Black part. Reboot Wednesday is the day that we actually have time to reboot our systems with the latest patches. For a Black Tuesday like yesterday we might be rebooting until the end of the week! A little more on Black Tuesday, Microsoft this month decided to release a patch on 14 vulnerabilities. They patched the vulnerabilities on certain software and did NOT patch others. Therefore, Microsoft basically published a vulnerability that was not released to the public yet and has not been patched... read on:

The company everyone loves to hate! Want another reason, check it out. Up until yesterday there were multiple PowerPoint 0-day vulnerabilities. Yesterday, Microsoft released the patch to fix all these vulnerabilities on CERTAIN versions (Windows versions)! The patch: MS09-017 which you can now find on Windows Update will fix the following vulnerabilities:

CVE-2009-0220 CVE-2009-0221 CVE-2009-0222 CVE-2009-0223 CVE-2009-0224 CVE-2009-0225 CVE-2009-0226 CVE-2009-0227 CVE-2009-0556 CVE-2009-1128 CVE-2009-1129 CVE-2009-1130 CVE-2009-1131 CVE-2009-1137

However, if you are running Office 2004 (Mac), Office 2008 (Mac), or Microsoft Works 8.5 or 9.0 you are still vulnerable! Not only that, but there were no known 0 day vulnerabilities for these versions until yesterday when MICROSOFT released them: CVE-2009-0224 CVE-2009-0556 CVE-2009-1130 Now understand that they have addressed the majority of Office users and who uses Microsoft Works anyways? You can argue Mac users should be using iWork or openoffice but it's about the principle that they released a vulnerability for their unpatched product.

Suggestion: Patch your systems

Adobe is no better. They have known about this 0 day vulnerability for a month now and finally have decided to release the patch. This patch will fix the issue with most versions of Adobe Reader and Acrobat. The patch APSB09-06 addresses two vulnerabilities one that appears to be Unix only and one that crashes the application and can let the attacker get remote control.

Suggestion: Patch your systems

Saving the best for last, Apple yesterday released a patch for their latest operating system. Mac OS X 10.5.7 update This patch is like a service pack for Windows users to relate. The patch fixes multiple vulnerabilities and I hear rumors it finally fixes the ATI driver issues. This patch is all our nothing so go for it!

Suggestion: Patch your systems

This Black Tuesday is giving a lot of us IT and security administrator's lot's of work for the week. Thankfully most of our servers won't need to be rebooted right?

Till next time,
Jorge Orchilles


No response to “Black Tuesday and Reboot Wednesday?”
Post a Comment | Post Comments (Atom)