Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Patch Tuesday Addresses 8 Vulnerabilities

Shavlik Technologies : 11 March, 2010  (Technical Article)
Jason Miller of Shavlik Technologies comments on Microsoft's patch release with two bulletins containing fixes for 8 vulnerabilities
'After a busy February with 13 security bulletins, Microsoft is easing off the patching throttle a bit this month. Microsoft released two new security bulletins addressing 8 vulnerabilities, all not publicly known at this time. It is not uncommon for Microsoft to have a large patch month followed by a relatively light patch month.

As the bulletins affect client Windows operating systems and Microsoft Office, your servers should be spared from this month's patching cycle unless you have SharePoint Server 2007 installed. As expected, Microsoft is not planning to release a bulletin for their recently released security advisory (981169). Microsoft will need time to investigate, implement and test the fix for this known vulnerability.

It is important to note that MS10-016 affects Microsoft Producer 2003. However, Microsoft is not providing a patch for this product. They are suggesting administrators remove the affected component on their machines. Microsoft not providing patches for known software vulnerabilities has become more common over the past 12 months. This is a great example of why administrators should take time each month and research the information associated with each bulletin. Simply blindly pushing out patches does not necessarily make your network secure.

MS10-017 should be addressed first on your network. Microsoft Excel attachments are as common as Meryl Streep nominations at the Oscars. Opening a malicious Excel document could lead to remote code execution.

Last month, there were issues identified with security bulletin MS10-015. This bulletin caused blue screen on systems that were recently patched. Microsoft researched the issue and found a rootkit was the cause of the blue screen. This is a perfect example of why companies should have a solid patching process that includes testing each bulletin before deploying it to their network.

Microsoft also announced a new security advisory in 981374. This security advisory affects Internet Explorer versions 6 and 7. Microsoft has been receiving limited reports of targeted attacks on the browser. Although there is not a patch available for this issue, administrators should keep an eye on this advisory for more information.'
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo