An article in SC Magazine recommends that organizations apply this month’s Microsoft patches very quickly.
Among the patches:
- One vulnerability, CVE-2014-6332, had been remotely exploitable for 18 years prior to its patch, and could be used by an attacker to circumvent Microsoft’s free anti-exploitation tool EMET and its Enhanced Protected Mode (EPM) sandbox in Internet Explorer 11 to carry out drive-by attacks.
- Another bug, CVE-2014-6321, impacts the Windows Secure Channel (Schannel) security package, technology that implements SSL and TLS secure communications protocols.
- Lastly, a bug gaining the attention of security experts, CVE-2014-6332, was designated by Microsoft as a “Windows OLE automation Array Remote Code Execution Vulnerability”.
Two of these bugs have been present since Windows 95. NOW that the hackers know that they exist, that most people are slow to patch systems and that they will affect systems all the way back to Windows 95 in some cases (i.e. a huge “target of opportunity”), expect attacks to be coming. Microsoft is NOT releasing patches for Windows XP or earlier, so those systems are becoming more of a siting duck every day.