A September to Remember this Patch Tuesday

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next A September to Remember this Patch Tuesday-5 Next

Next up should be MS-070, a remote code execution in Object Linking and Embedding (OLE) in Windows XP and 2003. There have not been any active attacks; this one was privately reported. This is an important priority for any XP or 2003 system, but then again, upgrading should rank high on the priority list too.

This is definitely a September to remember – last year at this time Microsoft released only two bulletins and both were only rated Important. Contrast that to today - Microsoft has released 13 patches covering 47 CVEs. One additional important-level bulletin included in the advance notification that addressed a .Net issue was pulled for quality reasons.

According to Paul Henry, security and forensics analyst at Lumension, we’re seeing big numbers this month but there is perhaps some good news: only four patches are considered critical, two were publically known yet Microsoft has not seen active attacks on any of the September CVEs to-date and none of them impact the current code base.

IE, Sharepoint and Outlook are hardest hit this month, and vulnerabilities in XP and Windows 2003 were also patched...something we hopefully will see more of as the XP end-of-life date of April 8, 2014 nears. Win 2003 follows that 15 months later with its own EOL date of July 14, 2015. For anyone using XP, a migration plan must be put in place if you don't already have one.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

biometrics Biometrics: Moving Far Beyond Fingerprints

Biometrics are changing the way we think about security. Here are some of the more innovative ways biometrics are being used and what we can expect in the future. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.