Recent Security Updates and Patches for Microsoft Windows

There have been a number of news stories recently about the “Flame” malware that the U.S. government developed. Flame capitalizes on a design flaw that allows individuals to use terminal server certificates to sign code as Microsoft. The malware sets up a “man-in-the-middle” attack and then issues malicious “Windows updates” signed “by Microsoft.”  Microsoft has released both Windows and WSUS patches to fix this design flaw.

Microsoft also released a patch recently for an issue with Remote Desktop Protocol (RDP) that allows anyone to execute any code on the server, without having to authenticate or log in. This update is similar to the previous RDP issue patched last March. Microsoft gave this problem their highest exploitability and severity rating.

If you have any questions regarding these recent Microsoft updates, or other questions regarding computer support, please don’t hesitate to contact us. We welcome the opportunity to assist you with your IT support needs.


This entry was posted in General, Microsoft, Security and tagged , , , , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.