Posted by: Ken Harthun
Patch management, Patch Tuesday, Server 2008, Server Core Installation, Vulnerabilities
Microsoft will issue six security bulletins on Tuesday, March 13. The issues address seven vulnerabilities. This time, however, only one of those has been given a severity rating of critical; it addresses a remote code execution vulnerability in Windows.
Interestingly enough, there are footnotes that apply to Windows Server 2008 and Windows Server 2008 R2 detailing whether or not the Server Core installation is affected:
*Server Core installation affected. This update applies, with the same severity rating, to supported editions of Windows Server 2008 or Windows Server 2008 R2 as indicated, whether or not installed using the Server Core installation option.
**Server Core installation not affected. The vulnerabilities addressed by this update do not affect supported editions of Windows Server 2008 or Windows Server 2008 R2 as indicated, when installed using the Server Core installation option.
This tends to support some of the things I am hearing about Server Core being more secure than a full-blown GUI installation of the products. Here’s Microsoft’s take:
Reduced attack surface. Because Server Core has fewer system services running on it than a Full installation does, there’s less attack surface (that is, fewer possible vectors for malicious attacks on the server). This means that a Server Core installation is more secure than a similarly configured Full installation.