Several Core Components in Windows Patched in August Patch Tuesday
This month, Microsoft issues nine bulletins that addresses a total of 15 vulnerabilities. Of the five bulletins rated Critical, three point to vulnerabilities found in core components in Windows.
Remote Desktop Protocol (RDP) and Internet Explorer version 6 to 9, both of which were updated in June, are again included in the critical-rated vulnerability list. A Windows print spooler vulnerability and Windows networking components vulnerabilities, rated Critical, are also patched this month. Another update to a Windows Common Controls file (MSCOMCTL.OCX) has been issued. Note that this file exists in a host of Microsoft applications – some of them are MS Visual FoxPro, MS Office, MS SQL Server. Back in April and May this year, another vulnerability (CVE-2012-0158) in MSCOMCTL.OCX was actively exploited by attackers. Some of the exploits were seen in targeted attacks.
Trend Micro Deep Security and OfficeScan with Intrusion Defense Firewall (IDF) plugin users are actively protected from exploits targeting these vulnerabilities via the rules that shipped out today. More information on the specific rule protection and the vulnerabilities are found in this Threat Encyclopedia page.
Post from: TrendLabs | Malware Blog – by Trend Micro