Week In Review - 14/12/2007 - Microsoft Patches Ahoy!

Date: 13 December 2007 Original URL: http://www.auscert.org.au/render.html?cid=7066&it=8506 Greetings AusCERT Members, This week contained another Microsoft Patch Tuesday (which for those of us on the more appropriately time-zoned parts of the world is actually Patch Wednesday), with some vulnerabilities in Internet Explorer, Windows Media Player and DirectX, as well as some more 'internal' windows components such as Vista's kernel and SMBv2. If you have your automatic updates set up those patches should have been applied by now. In other news SANS has released a very short diary entry [1] regarding a couple of vulnerabilities in Juniper routers - malformed BGP packets can in some circumstances cause interfaces on the router to 'flap', or rapidly change state between up and down. JUNOS 7.3 to 8.4 can also be made to crash with specially crafted IPv6 packets. Both of these are remote vulnerabilities, so if you or your organisation use Juniper routers, it might be a good idea to keep an eye on Juniper's website [2] for updates. Enjoy your weekend. MDB [1] SANS Internet Diary http://isc.sans.org/diary.html?storyid=3748 [2] Juniper http://www.juniper.net