SANS ISC: Microsoft December Patches - Internet Security | DShield

• SANS Site Network
  • Current Site
  • Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS ISC InfoSec Forums

Details about the MSFT December patches just showed up online. We will update this page as we find out more.

MS 05-54: Cumulative Security Update for Internet Explorer

First look: This DOES NOT fix the javascript window() issue. Still translating from "Microsoft" to "English".

http://www.microsoft.com/technet/security/Bulletin/MS05-054.mspx

MS 05-55: Vulnerability in Windows Kernel Could Allow Elevation of Privilege.

A vulnerability in the Asynchronous Procedure Call queue allows local users to escalate their privileges. A regular user (who has to be logged in first) could use this vulnerability to gain Administrator privileges.
Microsoft rates this vulnerability as "Important" as there is no direct remote vector to exploit this issue. However, coupled with an Internet Explorer vulnerability or similar issues, this could be used to gain Administrator privileges even if a user runs Internet Explorer as a less privileged user.
Note that remote exploit may be possible if user credentials are known.
http://www.microsoft.com/technet/security/Bulletin/MS05-055.mspx

I will be teaching next: Intrusion Detection In-Depth - SANS London July 2019