Microsoft will release 14 bulletins for next Tuesday’s update.
3 items are rated “critical” and 11 are rated as “important”.
- All three critical items deal with remote code execution vulnerabilities in Windows.
- The important rated bulletins consist of vulnerabilities in Windows, Office, IE, Media Player and Publisher.
- Seven remote code execution vulnerabilities
- Three elevation of privileges issues
- One information disclosure flaw
Get ready to drop some patches next week. These remote code execution vulnerabilities will only remain “important” for as long as it takes to reverse engineer the patch code and identify the changes. After that, they become critical.
The “Anonymous” group of hackers have attacked the websites of several law enforcement agencies worldwide. In Boston and Salt Lake City, police say personal information on confidential informants and citizen drug crime complaints, amongst other personal information was compromised.
The attacks come after Anonymous published a recorded phone call between the FBI and Scotland Yard early Wednesday, claiming to have had access to confidential information for months, and in Greece, the Justice Ministry took down its site Friday after a video by activists was displayed there for at least two hours. In Boston, a message posted on the police website said, “Anonymous hacks Boston Police website in retaliation for police brutality at OWS,” referring to the Occupy Wall Street movement, and claimed that hundreds of passwords were released in retaliation for brutality against Occupy Boston participants.
Boston police acknowledged in October that websites used by members of the police department may have been compromised. It had asked all department personnel to change their passwords on the police department’s network.
The Salt Lake City website remained down Friday as the investigation continues, and criminal charges are being considered. Police blamed the attack on Anonymous’ opposition to an anti-graffiti paraphernalia bill that failed in the state Senate. The bill would have made it illegal to possess any instrument, tool or device with the intent of vandalism.
The hacktivists say they attacked the website of a Virginia law firm which represented a US Marine convicted in a 2005 attack in Iraq that resulted in the deaths of 24 unarmed civilians.
Action really needs to be taken, these hooligans are being allowed to run amok around the Internet, interfering with all manner of systems, and potentially causign life threatening consequences. Their lack of good judgement and disregard for who suffers as a result of their exploits makes these people a serious threat to businesses, innocent by-standers, and law enforcement officers alike.