Thursday, January 12, 2012

Microsoft finally vanquishes the BEAST( Duqu ) related bug

A Microsoft Windows update today fixes a weakness in the protocols used to secure e-commerce sites, which was first exposed by researchers using a tool they dubbed "BEAST."

 Microsoft planned to release the BEAST (Browser Exploit Against SSL/TLS)-related patch last month, but had to pull it because it created compatibility issues with SAP software. Researchers had demonstrated the vulnerability using BEAST in September, prompting fears that attackers would use the tool to snoop on protected Internet sessions in what is called a "man-in-the-middle" attack. MS12-006 patches a hole in the Secure Sockets Layer and Transport Layer Security protocols.

The seven bulletins in Microsoft's Patch Tuesday release fix eight vulnerabilities and only one bulletin is rated "critical" -- MS12-004. It plugs two holes in Windows Media Player that could allow an attacker to take over a computer by sending a malicious MIDI or DirectShow file to a targeted user. More details are available at the Microsoft Technet blog.

 The security bulletin summary for January also includes MS12-001 to address a security feature bypass flaw, a new category of issues that can't be directly exploited by an attacker, but which an attacker could use to facilitate use of another exploit.

 Meanwhile, Adobe released updates today for Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, and Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh to resolve critical security issues.