{"id":1856,"date":"2013-05-17T10:00:31","date_gmt":"2013-05-17T14:00:31","guid":{"rendered":"http:\/\/me-en.kaspersky.com\/blog\/?p=1856"},"modified":"2020-02-26T18:56:59","modified_gmt":"2020-02-26T14:56:59","slug":"patch-tuesday-closes-vulnerabilities","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/patch-tuesday-closes-vulnerabilities\/1856\/","title":{"rendered":"Patch Tuesday Closes Big Time Vulnerabilities, but Only if You Install Updates"},"content":{"rendered":"<p><a href=\"https:\/\/threatpost.com\/microsoft-patches-department-of-labor-pwn2own-ie-vulnerabilities\/\" target=\"_blank\" rel=\"noopener nofollow\">Microsoft<\/a> (and <a href=\"https:\/\/threatpost.com\/adobe-patches-coldfusion-flash-reader-vulnerabilities\/\" target=\"_blank\" rel=\"noopener nofollow\">Adobe<\/a> for that matter) released a slew of security updates in the May 2013 edition of their monthly patch Tuesday release. As always, if your machine isn\u2019t set to automatically install these upgrades, then <a href=\"https:\/\/me-en.kaspersky.com\/blog\/5-ways-to-protect-your-new-computer\/\" target=\"_blank\" rel=\"noopener\">make sure you agree to install them<\/a> when prompted to do so by Microsoft (or Adobe).<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2013\/05\/05113652\/updates_title.gif\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-1857\" alt=\"patch tuesday updates\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2013\/05\/05113652\/updates_title.gif\" width=\"640\" height=\"420\"><\/a><\/p>\n<p>I don\u2019t want to beat the dead horse too relentlessly here, but there is literally no good reason not to install security updates. Not one. You don\u2019t have to do anything but click \u2018yes,\u2019 or, in most cases, wait a few extra minutes while your machine boots up and installs them automatically. In fact, just now, as I was writing this up, <a href=\"https:\/\/me-en.kaspersky.com\/blog\/adobe-pdfs-security\/\" target=\"_blank\" rel=\"noopener\">Adobe<\/a> informed that it successfully updated. I didn\u2019t even know it was installing anything. That\u2019s how easy it was.<\/p>\n<p>Ease aside, not installing security upgrades is like not getting a flu shot: it puts everyone else at higher risk of getting infected, because when you shirk on your updates, you\u2019re contributing to the increasingly voluminous pool of easily exploitable machines. Furthermore, the problem is one of those pesky, self-perpetuation ones. As more machines are compromised, the cybercriminals have more computing power, potential account access for phishing attacks, and other resources that they can use to compromise more and more machines.<\/p>\n<div class=\"pullquote\">Criminals exploited one of the now-patched Internet Explorer vulnerabilities used in watering hole attacks targeting the United States Department of Labor.<\/div>\n<p>And these updates aren\u2019t just willy-nilly, intangible things that no one understands. Criminals exploited one of the now-patched Internet Explorer vulnerabilities <a href=\"https:\/\/threatpost.com\/watering-hole-attack-claims-us-department-of-labor-website\/\" target=\"_blank\" rel=\"noopener nofollow\">used in watering hole attacks targeting the United States Department of Labor<\/a>. The DoL attack is widely believed to have been a stepping stone in a broader campaign targeting nuclear weapons program researcher at the Department of Energy. In the days that followed, the same vulnerability was exploited in <a href=\"https:\/\/threatpost.com\/usaid-workers-also-targeted-by-dol-watering-hole-attackers\/\" target=\"_blank\" rel=\"noopener nofollow\">Cambodian watering hole attacks on the US Agency for International Development<\/a> (USAID).<\/p>\n<p>Water holing or watering hole attacks are a technique whereby attackers compromise a website that they believe their real target will visit. So, in these cases, attackers infected a DoL website to snare DoE and other valuable government employees and it was also used to <a href=\"https:\/\/me-en.kaspersky.com\/blog\/how-attackers-actually-steal-data\/\" target=\"_blank\" rel=\"noopener\">phish<\/a> USAID workers in Cambodia.<\/p>\n<p>Perhaps more alarmingly yet, Adobe patched a vulnerability in its ColdFusion application development platform that <a href=\"https:\/\/threatpost.com\/washington-court-data-breach-exposes-160k-ssns\/\" target=\"_blank\" rel=\"noopener nofollow\">attackers had already exploited to compromise servers belonging to the Washington State court system<\/a>, exposing an astounding 160,000 social security numbers as well as the driver\u2019s license numbers and names of more than a million people.<\/p>\n<p>As noted by Kaspersky Lab expert and friend of the blog, <a href=\"http:\/\/www.securelist.com\/en\/blog\/208195028\/Microsoft_Updates_May_2013_Slew_of_Internet_Explorer_Critical_Vulnerabilities_Kernel_EoP_and_Others\" target=\"_blank\" rel=\"noopener nofollow\">Kurt Baumgartner<\/a>, Microsoft also supplied fixes for a few \u201cless sexy\u201d but no less important escalation of privilege vulnerabilities. EoPs, as they\u2019re called, are often used after a compromise so that attackers can gain full user rights of infected machines. Of course, once an attacker has full user rights, he or she can do whatever nefarious thing he or she wants.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft (and Adobe for that matter) released a slew of security updates in the May 2013 edition of their monthly patch Tuesday release. As always, if your machine isn\u2019t set<\/p>\n","protected":false},"author":42,"featured_media":1858,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[38,398],"class_list":{"0":"post-1856","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-microsoft","9":"tag-patches"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/patch-tuesday-closes-vulnerabilities\/1856\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/patch-tuesday-closes-vulnerabilities\/1856\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/patch-tuesday-closes-vulnerabilities\/1856\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/patch-tuesday-closes-vulnerabilities\/1856\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/patch-tuesday-closes-vulnerabilities\/1856\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/patch-tuesday-closes-vulnerabilities\/1856\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/patch-tuesday-closes-vulnerabilities\/1856\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/microsoft\/","name":"microsoft"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/1856","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=1856"}],"version-history":[{"count":1,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/1856\/revisions"}],"predecessor-version":[{"id":15540,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/1856\/revisions\/15540"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/1858"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=1856"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=1856"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=1856"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}