Are you disappointed that Windows 8 might not support Desktop Gadgets? Then you really won't like this news: Microsoft wants you to stop using them on Windows 7 and Vista, too. Immediately. That's not because of some deep-rooted hate for the visual helpers, but because of concerns that hackers could use new Gadget and Sidebar exploits to deep-root your PC.
It's that time of the month again when Microsoft plugs some of the holes in its software. If the sheer number of vulnerabilities a Patch Tuesday addresses is the best way to gauge its significance, it does not get any bigger than this: MS is slated to release 14 security bulletins covering 34 vulnerabilities in Windows, Internet Explorer, Office and Silverlight.
But the record number of security bulletins will not include a fix for a recently revealed bug in the Windows kernel driver. The zero-day bug was reported by Gil Dabah (aka Arkon), an Israeli security researcher, who also published proof-of-concept exploit code on his site RageStorm.com. According to Jerry Bryant, Microsoft's group manager of response communications: "Microsoft is investigating reports of a possible vulnerability in Windows Kernel. Upon completion of the investigation, Microsoft will take appropriate actions to protect customers."
“This issue is caused by a buffer overflow error in the 'CreateDIBPalette()' function within the kernel-mode device driver 'Win32k.sys' when using the 'biClrUsed' member value of a 'BITMAPINFOHEADER' structure as a counter while retrieving Bitmap data from the clipboard, which could be exploited by malicious users to crash an affected system or potentially execute arbitrary code with kernel privileges,” reads an advisory issued by French security research firm VUPEN.
Microsoft has already addressed 13 Windows kernel bugs in 2010. According to security researcher Tavis Ormandy, who recently infuriated Redmond by hastily exposing a critical zero-day Windows bug, the company has been vulnerable to public kernel flaws for most of this year.
Microsoft issued a Security Advisory (980088) to warn users of a vulnerability in Internet Explorer (shocking) that could potentially expose all local files on a filesystem with a known name and location.
The vulnerability was discussed and proof of concept code was written and demonstrated at the Black Hat DC conference by Jorge Luis Alvarez Medina, a security consultant with Core Security Technologies.
Microsoft responded with details and causes of the vulnerability, most notably pointing to disabling the Protected Mode within IE or running versions of IE that don’t include a Protected Mode. This amounts to vulnerability across Internet Explorer 5.01 and IE6 SP1 on Windows 2000 SP4, as well as IE6, IE7, and IE8 on supported editions of Windows XP and Windows Server 2003. However, Protected Mode is running by default on IE7 and IE8 on Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 and prevents the issue.
Microsoft noted that they are unaware of attacks using the vulnerability and recommended users upgrade to the latest version of IE. You can find more details in the security advisory and knowledge base article to make sure you are protected.