04-10-2012 10:21 AM - edited 04-10-2012 10:24 AM
This thread is for discussion of the following Microsoft Security Bulletin:
Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
This security update resolves a privately disclosed vulnerability in Windows common controls. The vulnerability could allow remote code execution if a user visits a website containing specially crafted content designed to exploit the vulnerability. In all cases, however, an attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website. The malicious file could be sent as an email attachment as well, but the attacker would have to convince the user to open the attachment in order to exploit the vulnerability.
04-12-2012 07:44 AM
So it seems this is the bad boy of this month's releases. It already has exploit code released and is being utilized "in targeted attacks". So is this worth pushing through the process and getting it installed w/o our normal validation process?
04-12-2012 07:51 AM
Good ol' ActiveX. I'm going to look at the analytics to see how many of our site visitors are using Internet Explorer. Any guesses?
04-12-2012 08:13 AM
50% using IE
25% using FireFox
25% using Chrome
Or I could ask what the "standard" browser is for nCircle managed desktops and say that will be 75% of the browsers used as I imagine that is a large percentage of the traffic to the site.
04-12-2012 01:44 PM
The breakdown would be interesting since this is more security based group. I would hope that IE get the 25% and FF and Chrome get the 75%.
If not, just wait until Sunday
04-12-2012 07:08 PM
And the results...
Visits over the past month by browser used:
- Chrome (35%)
- Internet Explorer (29%)
- Firefox (21%)
- Safari (8%)
- Other (7%)
04-18-2012 11:37 AM
Ok, back to a legitimate question:
My desktop team is asking me to not use MS Bulletin Numbers but KB numbers with my recommendations to them on what they should patch. And they want to know which KB's we're advising them to update and which from the Bulletin they can ignore. This particular one actually has many KB#'s. Do you get asked this often? I know when I query my A/D machines I can do it via KB#, but typically when I recommend patches it is the bulletin number, not the KB#'s as is the case with MS12-027 there are like 12 or more KB #'s.
Any ideas / experiences of others on how you answer this dilemma? Just saying well, patch them all doesn't sound sufficient or professional so I'm looking for advice on how to answer these (technically speaking and business related).