Info from Symantec - Microsoft February 2011 Patch

On Tuesday, Microsoft issued 12 security bulletins which address 22 vulnerabilities. Five of these vulnerabilities have been rated critical by Microsoft.

“Among the six previously public vulnerabilities fixed, the Internet Explorer cascading style sheet issue is the only one Symantec is seeing actively being used in attacks,” said Joshua Talbot, security intelligence manager, Symantec Security Response. “The attacks aren’t extremely widespread, but we did recently see a spike in activity. IT managers should patch this right away, especially those that have not implemented the temporary work-around released last month.”

“At least one of the other critical Internet Explorer vulnerabilities patched is likely to be exploited.” Talbot added. “The uninitialised memory corruption vulnerability appears to be even easier to take advantage of than the cascading style sheet flaw. So, if cybercriminals are able to reverse engineer the patch – and they will certainly try to – we’ll probably see exploits for that one, too.”

“It’s great to see so many vulnerabilities getting fixed, but months like this can be challenging for IT managers,” Talbot concluded. “Considering Adobe is also releasing a security update and a major Java release is expected from Oracle in the coming weeks, February is going to be busy. The key will be prioritising. Patch all the ‘critical’ vulnerabilities first, and then move on from there.”

Symantec strongly encourages users to patch their systems against all vulnerabilities addressed this month.

The Symantec Security Response blog can be viewed here:
http://www.symantec.com/connect/symantec-blogs/sr

Additional information on Microsoft’s security bulletins can be found here:
http://www.microsoft.com/technet/security/bulletin/ms11-feb.mspx

ENDS

© Scoop Media