Microsoft Security Advisory (2506014)

Discussion in 'other security issues & news' started by ronjor, Apr 12, 2011.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,734
    Location:
    Texas
    https://www.microsoft.com/technet/security/advisory/2506014.mspx
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    This update was part of the Windows Update pack this month, but I'm curious, is this to patch out the exploit discovered a few months back regarding bypassing Kernel Patch Protection?
     
  3. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From http://blogs.technet.com/b/srd/arch...g-the-risk-of-the-april-security-updates.aspx:
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,734
    Location:
    Texas
    Looks like it was added to expose rootkits so, possibly.

    http://msdn.microsoft.com/en-us/windows/hardware/gg487353.aspx
     
  5. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
  6. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
  7. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    Sorry, what I'm understanding is that MS don't rate 32bit as affected, so what's the best course of action?
     
  8. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    32bit Windows doesn't have Kernel Patch Protection so is far more vulnerable. This was patching a flaw in KPP.
     
  9. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    Thanks, it's just from what I'm seeing on Softpedia seems to say that 32bit users can benefit from manually installing, yet it can't be availableo_O
    I must be getting that bit wrong or something, thanks a lot.
     
  10. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    As far as it explains the patch isn't directly for KPP, it simply removes the functionality that was being abused by the rootkit to get past KPP.

    So technically 32bit users could get the patch but it wouldn't actually do anything for you.
     
  11. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    Many thanks funkydude, now it's perfectly clear. Think copy of that article is
    a little ambiguous, since it got me thinking that I could enhance protection by
    manually installing,,,and you know(probably) how paranoid I can be!! :D
     
Loading...
Thread Status:
Not open for further replies.