A September to Remember this Patch Tuesday

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next A September to Remember this Patch Tuesday-2 Next

Prioritizing your patches this month should be done partly based on your organization's usage of the effected software. MS13-067 is a critical patch for nine CVEs in Sharepoint 2003, 2007 and 2010 that could allow a remote code execution. One of those CVEs was publically known and five are shared with Microsoft Office. If you use Sharepoint, patch this one first.

This is definitely a September to remember – last year at this time Microsoft released only two bulletins and both were only rated Important. Contrast that to today - Microsoft has released 13 patches covering 47 CVEs. One additional important-level bulletin included in the advance notification that addressed a .Net issue was pulled for quality reasons.

According to Paul Henry, security and forensics analyst at Lumension, we’re seeing big numbers this month but there is perhaps some good news: only four patches are considered critical, two were publically known yet Microsoft has not seen active attacks on any of the September CVEs to-date and none of them impact the current code base.

IE, Sharepoint and Outlook are hardest hit this month, and vulnerabilities in XP and Windows 2003 were also patched...something we hopefully will see more of as the XP end-of-life date of April 8, 2014 nears. Win 2003 follows that 15 months later with its own EOL date of July 14, 2015. For anyone using XP, a migration plan must be put in place if you don't already have one.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Security119-190x128 8 Tips for Ensuring Employee Security Compliance

IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.