October Patch Tuesday Roundup

Blog Post created by rapid7-admin on Oct 14, 2010

Originally Posted by Suzanne Dickson



Although Microsoft’s October patch covers 39 vulnerabilities, there are only 4 critical bulletins.   One of the vulnerabilities, covered by bulletin MS10-083, was reported to Microsoft by HD Moore back in 2006.   Unfortunately, according to HD Moore, despite the long wait, the fix “does not completely solve the underlying vulnerability, but it does block the easiest routes to exploitation.” 

In addition, Josh Abraham, one of Rapid7’s vulnerability research experts, recommend paying attention to bulletin MS10-071 which address a variety of vulnerabilities that could be leveraged to gain control of workstations via drive-by malware based attacks.  “The best way to address the risk of client based attacks is to combine user awareness training with an effective patching process.” 

For details regarding Microsoft’s October Patch Summary: