In case anyone missed this fact: I love to write. The nerdier the content, the better. And when I heard that the JAMF Nation User Conference had a session for InfoSec (and specifically around how we do vulnerability assessments), I knew that was my kind of session. So, the marketing team was kind enough to let me write it up. Here it is on the JAMF Software blog: http://www.jamfsoftware.com/blog/jamf-software-security-and-vulnerability-assessments/.
krypted October 13th, 2015
Posted In: JAMF
The Office 12.1.7 update is out and available for download. Because this is a security fix, you should definitely run this update. Provided you use Microsoft Auto-Update you should be able to install it automatically; otherwise, Microsoft describes the update and has a download available in their KnowledgeBase. It’s a rather large update, at about 268MB. I made a snapshot and looked at what it does, and like many updates from Microsoft before it, it changes so many files it’s difficult to tell exactly (including all of the .app bundles). Per Microsoft:
This update fixes vulnerabilities in Office 2008 that an attacker can use to overwrite the contents of your computer’s memory by using malicious code. For more information, see the security bulletin that is mentioned in the “Introduction” section.
Not to complain or anything, but the security bulletin about the vulnerability that this update is supposed to fix only pertains to Excel. Therefore, it seems silly to update the auto-updater, proofing tools, etc. Remote code execution vulnerabilities are a big deal and all, and so I am all for running this, but it seems like the update should be a few MB, not a few hundred. And there are absolutely no other fixes mentioned in the KB article. Maybe it’s not weird, since I’m assuming any of these apps can open an Excel document, and I’m just being grumpy again… No it’s weird – but run the update anyway.
And if you run the update, you’ll need to Allow Entourage access to open network connections again, if you’re using the 10.5 application firewall (and you should be using the firewall). But you won’t have to wait for anything to be done to the Entourage database, no defrags/rebuilds/whatever it does sometimes.
krypted April 19th, 2009