Microsoft is out with its monthly Patch Tuesday update today, delivering four separate security advisories. Only one of the advisories is rated as critical, two are rated as important and one is rated as having moderate risk.
From an immediate impact perspective, the MS11-083 bulletin in the November Patch Tuesday update is the most urgent, as it carries a critical impact rating from Microsoft. The flaw is officially titled,”Vulnerability in TCP/IP Could Allow Remote Code Execution.”
“Since this vulnerability does not require any user interaction or authentication, all Windows machines, workstations and servers that are on the Internet can be freely attacked,” Qualys CTO Wolfgang Kandek wrote in his evaluation of the bulletin. “The mitigating element here is that the attack is complicated to execute.”
Rapid7’s Carey noted that the denial of service (DoS) attack vector that the TCP/IP flaw enables is the preferred weapon of choice of many hacktivist organizations. According to Carey those hacktivist organizations would likely love to be able to launch mass DoS attacks related to this flaw.
“This flaw could affect any service, not just Web servers, which would be better than the garden variety DoS attack,” Carey said. “Bottom line: since this is a core flaw in how the systems process UDP traffic, any computer running it should get this patched as soon as possible.”