Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Lumension Comment On Patch Tuesday

Lumension Security : 09 November, 2010  (Technical Article)
Easier times for IT Administrators are unlikely to be on the cards this side of Christmas according to Lumension
Microsoft may be taking a bit of a breather, but that doesn't mean an easy month for IT managers this patch Tuesday. Alan Bentley, SVP International at Lumension, commented:

"Following the biggest patch Tuesday on record last month, Microsoft is catching its breath, with just three bulletins to be issued for November. Only one is critical, but all three may require a re-start.

"While it may be a quieter month for patches, there's still the matter of the Internet Explorer vulnerability that was discovered in the wild being used in 'drive-by' hacks that allow an attacker to perform a remote code execution, loading malware onto a visiting user's network.

"Despite this vulnerability affecting IE versions 6, 7 and 8 there continues to be no mention of it and Microsoft, despite issuing a work around, is not expected to release an out of band patch. This could leave many users waiting for more than a month before they know they are fully protected from this threat, because a work around typically is not implemented by the majority of users. On the run up to Christmas, with industry experts predicting online shopping in the UK to increase by 23 per cent from 2009, it seems rather surprising that Microsoft haven't prioritised a patch.

"In other patch news, Mozilla released Firefox 3.6.12 and Firefox 3.5.15 to patch a vulnerability that had been exploited by malware secretly planted on the Nobel Peace Prize website, which redirected users to a Taiwanese attack server that launched a JavaScript-based exploit, which if successful, planted a Trojan horse on victimized Windows PCs. Adobe Systems plans to release a patch by Thursday to address a critical vulnerability in Adobe Flash Player. And, a local privilege escalation vulnerability that could allow attackers to execute malicious code with root rights was patched in the newly released Linux kernel 2.6.36

"So it might be a quieter month on the Microsoft front, but IT managers will still have their hands relatively full with a number of other notable patches from Adobe, Mozilla and Linux to contend with."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo