The April Patch Tuesday event happened this week, and with it, Microsoft released a number of important security fixes for users of Windows and MS Office. As part of the April release, Microsoft has released 11 security bulletins, four of which are rated as critical fixes for remote code execution flaws.
The most important patch for standard users corrects an exploit in Office that has already been seen used in “limited attacks” in the wild. The MS15-033 vulnerability allows an attacker to gain control of a user’s system through the use of a specially crafted Office file. If a user opens the infected document, the attacker would gain control over certain processes within the system. Microsoft points out that the threat level of this vulnerability is lessened if the user has restricted access rights on the system. The security bulletin is rated as “Critical”, regardless.
Of special importance to system admins is an HTTP.sys patch for Windows Server. Microsoft said it is a vulnerability in HTTP.sys that could allow remote code execution through the use of a specially crafted HTTP request, and it affects Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1 and Windows Server 2012 R2. The vulnerability allows an unauthorized user to remotely execute code in the context of the System account; meaning that an attacker is granted a high privilege level and has a great deal of control over the system.
Because of the potential severity of these exploits, it is recommended that you install the latest security patches as soon as possible. If your business needs assistance with patch management, ITCSNY offers patching as part of Managed Services. Contact us today and we will help you get started.
– Richard Keene
IT Computer Support of New York
Webmaster and Lead Designer