Patch Tuesday March 2012

Time for my review of this month’s release of updates from Microsoft and others.

This Patch Tuesday brings a fairly small number of updates from Microsoft and some updates from Apple.

As I wrote this post, the Internet Storm Center issued a Yellow Alert! This is rare and was done to stress the importance of this Windows Update. It is important that you update now and make sure your Windows computer is updated for the RDP vulnerability below.

While Microsoft’s release is fairly small it has one very important update. The Apple updates affect any users of Safari which might or might not include you even if you don’t have an Apple computer.

Window Update
This is what Window Update looks like in the start menu

Microsoft’s Patch Tuesday release first.

Like I said, not too many updates to download. I had just 4 updates listed as critical to download and install on many XP systems. There are a few other that are considered optional that won’t be automatically updated if you only do automatic updates. There is one update that is very important.

One of the Microsoft updates is for the Remote Desktop Protocol known as RDP. RDP allows a Windows computer to be operated remotely from another computer using a network. With RDP, you can connect from another computer using that computer’s screen, keyboard, and mouse and it is just like sitting in front of the remote computer. This can even be done over the Internet. Addressing issues make this a bit complicated use over the Internet for an average person but it can still be done.

The Remote Desktop Protocol vulnerability this patch fixes could be very bad.

It has a hole that allows someone to connect to a remote computer without the correct credentials and gain full access to the computer. They can bypass not knowing the passwords for the computer and gain administrative (complete) rights on the computer.

This RDP problem Microsoft believes could even be wormable. That means attackers can simply connect and spread from one computer to another without the victims actually doing anything. With a virus, the victim must do something like visit a website, download a file, or receive and email. A worm sends itself to the next computer and all that computer needs for it to be attacked is connected to a network. Not even just turning it off is totally safe as a computer can be set up to be turned on by a network signal (don’t worry, you’re computer is probably not set up for this but it is conceivable). Again, any computer without this patch and connected to a network, virus software and firewall or not, could be attacked and taken over.

The good news is that there is no know use of the RDP vulnerability yet. However, Microsoft expects that this could change even within the next 30 days. Just moments after I wrote that, I discovered that a proof of concept attack was announced on the the Internet. This means active use of the vulnerability in attacks could start anytime now. So, make sure your computer is fully patched now.

Video: How to update Windows XP manually.

Just a note: there have been a lot of “fake” RDP exploits released in relation to this but the fear is there will be a real one coming very soon.

With Apple’s new iPad, they released a number of software updates.

There were updates to the IOS that runs on the iPad and iPhone. The updates that will affect the largest number of people though, are the Safari updates. The Safaro updates fix a large number of vulnerabilities and issues in Safari and the Webkit software it’s based on. Other browsers that use Webkit were updated this some time ago and there are some exploits this fixes. The update was overdue and you should make sure you’ve got Safari updated.

Who needs this Apple software update?

Well, if you have a Mac you obviously are a primary candidate. If you have an Apple device like an iPad, iPhone, or iPod you may need it even if you have a Windows computer. With iTunes, Safari is also often installed. That means you need the update. It’s possible you may have it even if you just let a friend connect his device to your computer for some reason. Also, many computers have Apple’s Quicktime multimedia viewer installed and may have installed Safari also.

Update your IOS device software if you have one. If you don’t have an Apple device, check to see if you have Quicktime, iTunes, or Safari on your computer (check the Add/Remove Programs in Control Panel). You should be able to update the software from it’s menu system or you could remove it if you don’t need it.

Also, at a recent hacking contest, Google’s Chrome browser was finally hacked.

For the first time, someone managed to crack Google Chrome’s security. They earned a fairly large reward from Google (who pays anyone who finds exploits in Chrome and lets them know). The next day, Google updated Chrome to fix the problem. If you use Google Chrome, it’s already been automatically updated and you are still using the safest browser available.

Once again, make sure your Windows computer gets this month’s update as soon as possible!

In just the 2 days since the Microsoft Patch Tuesday release the concern over a coming RDP exploit has increase. Especially in the last few hours. This may be a very big problem very soon. Hopefully, it won’t prove to be such a big problem. There is serious concern that it could spread quickly and it will allow a complete take over of the computer with little defense. If you computer is simply on and connected to any kind of network when the exploit hits, it could be attacked. Patch now!