This month’s security updates highlight a worrisome trend: the bad guys are attacking our PCs with new exploits before we’ve received patches to protect us.
One way to get some early protection against one of these zero-day threats is to apply Microsoft fixits until a formal patch is released.
MS12-043 (2719985, 2721691, 27216913)
XML vulnerability triggers another fixit
In the June Patch Watch, I recommended installing a temporary fixit (50897) while we waited for the actual patch. This Patch Tuesday, Microsoft released three patches for Microsoft XML Core Services Versions 3.0, 4.0, and 6.0. All three patches are rated critical for workstation editions of Windows. According to Microsoft, there have already been attacks using the vulnerability in these services.
Microsoft recommends uninstalling fixit 50897 after installing these updates. But I recommend leaving it on, if you’ve already installed it.
There’s still no patch for XML Core Services 5.0. And although one should come soon, it might not be soon enough to protect us from potential attacks. (Microsoft states that it has not yet seen any attacks against Version 5.0.) In the meantime, MS recommends that Office 2003 and 2007 users apply fixit 50908, as noted in a July 20 MS Security Research & Defense blog.
MS12-044 (2719177), MS12-045 (2698365)
A one-two punch for malicious websites
The two patches in MS12-044 (Internet Explorer) and MS12-045 (MS Data Access Components) block potential attacks from malicious webpages. The vulnerabilities patched by these updates are likely to be exploited within the next 30 days. Both patches are rated critical for Windows XP, Vista, and Windows 7 systems.