Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

MS releases biggest patch update for over a year

Lumension Security : 15 October, 2009  (Technical Article)
Lumension comments on Microsoft's latest patch update which covers a broad variety of Windows platforms
This month's Microsoft Patch Tuesday update is at an all time high with 13 bulletins (eight critical and five important), surpassing the previous high of 12 released in October 2008. It is important to note that all patches require a system restart and impact a broad range of Windows platforms and applications.

Andrew Clarke, Senior VP Lumension, operational endpoint management provider, comments: "After a heavy summer of patch releases, October's Patch Tuesday fails to give IT administrators a welcome respite. If this pressure continues next month, simply put, the administrative burden of flaw remediation is clearly beyond what can be handled by IT administrators without implementing a fully automated flaw remediation process.

"As a priority, IT administrators should pay attention to two particular security bulletins that are both currently being exploited in the wild; MS09-050 impacts Vista and Windows 2008 platforms and MS09-053, while only rated important, affects any organisation running Public Facing FTP servers.

"For Internet users, there are an impressive nine bulletins that need close attention. Users could be hit by a 'drive by' hack attack as they casually browse the web or open rich media files without considering the dangers. Internet users should focus on the below patches as a high priority:

* MS09-51-Specially crafted media file could allow remote code execution
* MS09-52- Specially crafted ASF file could allow remote code execution
* MS09-54- Specially crafted Web page could allow remote code execution
* MS09-55- Specially crafted Web page with Active X control could allow remote code execution
* MS09-60- Specially crafted Web page with Active X control could allow remote code execution
* MS09-61- Specially crafted Web page running XAML application could allow remote code execution
* MS09-62-Specially crafted image file could allow remote code execution if viewed in the Web browser

"For businesses, the large number of issues covered in this month's patch release, means they must carefully review the bulletin in its entirety and then carefully plan their patch management priorities and process based on the impact on their given product utilisation and the likelihood of exploitation.

"Simply put, the administrative burden of flaw remediation today is clearly beyond that which can be handled without full flaw remediation process automation."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo