Microsoft closes IE and Stuxnet holes
As previously announced, Microsoft has released 17 security updates to close 40 security holes. Three of the updates deserve particular attention: MS10-090, a cumulative patch for Internet Explorer, fixes six holes including the Cascading Style Sheets (CSS) vulnerability that has been known and actively exploited for several weeks.
However, a new vulnerability disclosed in Internet Explorer last weekend in connection with the processing of import tags in CSS can probably also be exploited to infect Windows PCs. While an available exploit only causes the browser to crash, both Secunia and the French security firm VUPEN have said in their relevant advisories that the flaw can potentially be exploited to inject and execute code. Microsoft is currently investigating the problem.
The second critical update, MS10-091, closes three previously undisclosed holes in the OTF (OpenType Font) driver. These holes can also be exploited via infected web pages. Interestingly, Microsoft's credits reveal that Marc Schoenefeld, a member of the Red Hat Security Response Team, found and reported two of the holes.
Announced quite a while back, update MS10-092 has now closed a hole in the Task Planner exploited by the Stuxnet worm to escalate its access privileges. This means that all four Windows holes so far disclosed in connection with Stuxnet have now been closed.
Most of the remaining 14 holes, patched for instance in Media Encoder, Movie Maker, Office for Windows and the Windows address book, also allowed attackers to compromise a system; however, exploiting them required users to manually open a specially crafted file. Two further updates fix vulnerabilities in the SharePoint and Exchange servers.
An overview of all the updates is available in the Microsoft Security Bulletin Summary for December 2010.