Cisco Blogs


Cisco Blog > Threat Research

Microsoft Update Tuesday January 2015: Another Light Month, No IE Bulletins, More Changes to Reporting

This post was written by Yves Younan.

Microsoft’s first Update Tuesday of 2015 is pretty light, there’s a total of eight bulletins, all covering a single vulnerability. Seven of these bulletins are rated as important and just one is rated critical. No bulletin for IE is being released this month. Two of the vulnerabilities were publicly disclosed prior to today, while another one was being actively exploited by attackers.

Microsoft made a number of changes to Update Tuesday last month, such as dropping deployment priority in favor of their exploitability index (XI). This month more changes were made to the program: Microsoft is no longer providing their Advance Notification Service (ANS) to the general public, but is instead only providing it to premier customers.

Read More »

Tags: , , , , ,

Microsoft Patch Tuesday for December 2014: Light Month, Some Changes

This post was authored by Yves Younan.

Today, Microsoft is releasing their final Update Tuesday of 2014. Last year, the end of year update was relatively large. This time, it’s relatively light with a total of seven bulletins, covering 24 CVEs. Three of those bulletins are rated critical and four are considered to be important. Microsoft has made a few changes to the way they report their bulletins. Microsoft has dropped the deployment priority (DP) rating, which was very much environment-specific and might not be all that useful for non-default installations. Instead, they are now providing an exploitability index (XI), which ranges from zero to three. With zero denoting active exploitation and three denoting that it’s unlikely that the vulnerability would be exploited. Another change is to more clearly report on how the vulnerability was disclosed: was Microsoft notified via coordinated vulnerability disclosure or was the vulnerability publicly known before being released? Read More »

Tags: , , , , ,

Microsoft Update Tuesday November 2014: Fixes for 3 0-day Vulnerabilities

This month Microsoft is releasing 14 security bulletins. Originally they had planned to release 16, but due to issues that emerged in late testing, two bulletins that were announced in the Advance Security Notification, MS14-068 and MS14-075, have been postponed. Of the 14 bulletins, four are considered critical, eight are important, while two are moderate. They cover a total of 33 CVEs.

Read More »

Tags: , , , , ,

Microsoft Update Tuesday October 2014: Fixes for 4 0-day Vulnerabilities

This post was authored by Yves Younan

Microsoft Tuesday is here once again and this month they are releasing a total of eight bulletins. Three of which are rated as critical, while the remaining five are rated as important. There’s a total of 24 CVEs this month, 20 of which were privately disclosed to Microsoft and four which are either publicly known or under active attack, making them 0-day vulnerabilities. Of those four, two are being actively attacked, while two have been publicly disclosed but do not seem to be under attack for supported software. Of the 24 CVEs, 15 are categorized as allowing remote code execution, four as elevation of privilege and three as security feature bypasses.

Read More »

Tags: , , , , ,

Behind the WiFi Network @ Mobile World Congress 2014: Site Surveys

In my last blog I discussed setting the stage in preparation for the Wi-Fi network for Mobile World Congress 2014 which supported more than 80k devices over a span of 4 days. Today I’ll talk about one of the many site surveys we conducted at the Fira Gran Via to ensure the success of our high density network.  Full details in the white paper here.

High Density Wi-Fi deployments and site surveys go hand in hand. Pre-installation and post-installation site surveys account for the most effective way to identify the contours of your RF coverage and eliminate potential multipath distortions, hidden nodes, and other coverage issues. Special attention was given to the large keynote auditorium halls in order to keep a check on the additional RF coverage needs to accommodate the high density of users packed in a very close range.

sitesurvey1

View of inside the Hall-4 Keynote Auditorium (23000 sq ft) before the Facebook keynote session

Site Survey analysis used to measure the RF coverage in Hall-4 keynote auditorium

Site Survey analysis used to measure the RF coverage in Hall-4 keynote auditorium

The Hall-4 auditorium was one example of such a high density area with the 2000 person capacity area had a peak connection of 1924 concurrently connected Wi-Fi devices distributed across 16 Cisco APs while the Facebook keynote was in progress, with a max load of 530 Mbps of internet traffic. To avoid an RF overlap, the ceiling mounted APs above the auditoriums were converted to monitor mode. Using the final pre-keynote site survey data, the RF profile for the Hall-4 auditorium was tweaked, and RRM automatically optimized the coverage to the desired degree by adjusting the Tx power levels. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,