Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

First Patch Update Of 2011 Misses The Point

Lumension Security : 10 January, 2011  (Technical Article)
Zero-day vulnerability fixes missing from patch update from Microsoft in small bulletin
Following one of the largest patch releases in history last month, the first patch Tuesday of 2011 will only feature two patches from Microsoft, with just one rated ‘critical’. However, interestingly neither of the patches will address the two zero-day vulnerabilities, which are causing wide spread concern.

 

Alan Bentley, SVP at Lumension, commented: "After December’s mammoth patch Tuesday, the largest patch release on record, which saw 17 patches fix over 40 vulnerabilities, security professionals might be breathing a sigh of relief at the few patches they have to deal with this month.

 

However, I doubt there will be many putting their feet up just yet. Although Microsoft has acknowledged the Internet Explorer and Windows Graphics Rendering Engine zero day issues on their site, there is seemingly nothing addressing these critical vulnerabilities in the upcoming release. Microsoft has instead focused on releasing an ‘important’ patch for Windows Vista and a ‘critical’ patch for all versions of Windows, that will fix three holes in its operating systems.

 

Meanwhile hackers have been busy. They have been using fake Microsoft Security updates to spread malware, seemingly a worm.

 

Microsoft doesn’t do email patch updates so many would be sceptical of such an email already.  However, just in case, users should be on the look out for emails with ‘Update your windows’ in the subject line and an attached file entitled KB453396-ENU.zip”
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo