Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

MS breaks patch cycle with critical upgrades

Lumension Security : 30 July, 2009  (Technical Article)
Visual Studio and Internet Explorer vulnerabilities plugged by Microsoft in emergency patch release
Microsoft has broken its scheduled monthly patch cycle for the third time in two years, in a move to fix critical vulnerabilities in Visual Studio and Internet Explorer.

Andrew Clarke, senior vice president, International, Lumension comments: "Microsoft has really had its arm bent behind its back on this one. The pressure of the researchers signalling that they intended to reveal the way to bypass a critical security mechanism in Internet Explorer at the Black Hat Conference yesterday has forced it to break its scheduled patch cycle. If you consider that this is only the third time in two years that Microsoft has officially released an out of band patch, and on the other occasions there were active exploits in the wild, you can grasp just how important it is that IT users ensure this update is applied.

"Computer users that browse the internet via Internet Explorer must view this patch as a code red. The patch, MS09-034 will add an additional layer of security to address the issues in Internet Explorer, which were patched just last Tuesday with a work-around solution that simply disabled the impacted code by default, calling it "fixed". This new patch goes beyond the work-around, this time providing an actual fix to the underlying code issue.

"The patch, MS09-035, will handle issues within Visual Studio, potentially causing additional trouble as numerous third party software developers use Microsoft Visual Studio as a foundation for their software products. Any change that potentially breaks third party applications could leave software vendors scrambling to correct whatever issues develop due to the changes in Visual Studio. Organisations implementing the patch within mission critical third party applications must test the out-of-band patch in a "non-production" environment to be sure the changes do not impact their mission critical application."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo