patch summary webinar april 11
TRANSCRIPT
![Page 1: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/1.jpg)
Patch Overview March/April
Wolfgang Kandek, Qualys, Inc
April 11, 2012
![Page 2: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/2.jpg)
March Patches• Microsoft March, 12: 7 bulletins – MS13-021-MS13-027
• 4 critical, 3 important
• Internet Explorer MS13-0021 – Metasploit available
• USB MS13-027 – “Evil Maid” attack
![Page 3: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/3.jpg)
March Patches• Microsoft March, 12: 7 bulletins – MS13-021-MS13-027
• 4 critical, 3 important
• Internet Explorer MS13-0021 – Metasploit available
• USB MS13-027 – “Evil Maid” attack
• Adobe Flash – 4 critical
![Page 4: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/4.jpg)
March Patches• Microsoft March, 12: 7 bulletins – MS13-021-MS13-027
• 4 critical, 3 important
• Internet Explorer MS13-0021 – Metasploit available
• USB MS13-027 – “Evil Maid” attack
• Adobe Flash – 4 critical
• Oracle Java 0-day – March, 4: Java v7u17
![Page 5: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/5.jpg)
March Patches• Microsoft March, 12: 7 bulletins – MS13-021-MS13-027
• 4 critical, 3 important
• Internet Explorer MS13-0021 – Metasploit available
• USB MS13-027 – “Evil Maid” attack
• Adobe Flash – 4 critical
• Oracle Java 0-day – March, 4: Java v7u17
• CanSecWest – Pwn2Own Competition
• Oracle Java 4x US$20,000
• Chrome, Firefox, Internet Explorer – each US$ 100,000
• Adobe Flash and Reader – each US$70,000
![Page 6: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/6.jpg)
April Patches• Microsoft April, 9: 9 bulletins – MS13-028-MS13-036
• 2 critical, 7 important
• Internet Explorer MS13-0028
• RDP ActiveX MS13-029
• No PWN2OWN
![Page 7: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/7.jpg)
April Patches• Microsoft April, 9: 9 bulletins – MS13-028-MS13-036
• 2 critical, 7 important
• Internet Explorer MS13-0028
• RDP ActiveX MS13-029
• No PWN2OWN
• Adobe Flash – 4 critical
• PWN2OWN – but not Adobe Reader
![Page 8: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/8.jpg)
April Patches• Microsoft April, 9: 9 bulletins – MS13-028-MS13-036
• 2 critical, 7 important
• Internet Explorer MS13-0028
• RDP ActiveX MS13-029
• No PWN2OWN
• Adobe Flash – 4 critical
• PWN2OWN – but not Adobe Reader
• Oracle Java Scheduled Patch Day – April, 16
• Out-of-band scheduled
• Java 6 now end of life
• PWN2OWN unlikely
![Page 9: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/9.jpg)
Patch Monitoring• Microsoft
• Apple
• Adobe
• Flash
• Reader
• Oracle Java
![Page 10: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/10.jpg)
Patch Monitoring• Microsoft
• Apple
• Adobe
• Flash
• Reader
• Oracle Java
What really gets attacked ?
![Page 11: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/11.jpg)
March/April Patch related
![Page 12: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/12.jpg)
March/April Patch related
![Page 13: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/13.jpg)
March/April Patch related
![Page 14: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/14.jpg)
March/April Patch relatedEMET - Enhanced Mitigation Experience Toolkit
• Straight jacket for Windows programs
• Checks for often abused attack vectors
• DEP, ASLR bypass, Headspray, StackPivot, ROP
• Often cited by Microsoft as a valid mitigation technique
• V3.5
• manageable via GPO
• Integration of BlueHat Prize Mitigation Technologies
![Page 15: Patch Summary Webinar April 11](https://reader031.vdocument.in/reader031/viewer/2022020218/55945d6b1a28ab130c8b4799/html5/thumbnails/15.jpg)