diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Microsoft Nov. 2011 ‘Patch Tuesday’ Addresses Four CVEs; Hosts BlueHatv11

Microsoft on November 2-4th hosted its 11th BlueHat conference, featuring presentations from hand-picked security researchers about current and emerging security threats. Here’s a short video showing what attendees had to say about this year’s event:

Also, in November 2011 ‘Patch Tuesday’, Microsoft released four security updates, to increase protection by addressing four privately reported CVEs in Microsoft Windows.

“MS11-083 (TCP/IP): This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow Remote Code Execution if an attacker sends a continuous flow of specifically crafted UDP packets to a closed port on a target system.”

“The vulnerability presents itself in the specific scenario where an attacker can send a large number of specially crafted UDP packets to a random port that does not have a service listening. While processing these network packets it is observed that some used structures are referenced but not dereferenced properly. This unbalanced reference counting could eventually lead to an integer overflow of the reference counter.”

In the video below, Jerry Bryant discusses this month’s bulletins in further detail:

Below is a deployment priority guidance (click for larger view):Nov 2011 Patch Tuesday: deployment priority guidance

and, the following risk and impact graph shows an aggregate view of this month’s severity and exploitability index (click for larger view):Nov 2011 Patch Tuesday: risk and impact graph

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...