No Luck O’ the Irish for IT this St. Patty’s Day

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next No Luck O’ the Irish for IT this St. Patty’s Day-2 Next

According to Henry, your top priority is going to be MS13-021, which is a critical patch for IE addressing nine CVEs. It’s a cumulative update for IE. An interesting fact of note is that Microsoft released IE 10 for Windows 7 this past February and IE 10 is actually not affected on that platform. However, what really stands out here is that it does affect IE 10 on Windows 8 with some remote code execution vulnerabilities. Unfortunately, this represents the latest and greatest of Microsoft’s coding and we’re already finding critical issues with it. Fortunately, none of these “use after free” issues are being publicly exploited. “Use after free” is receiving more attention recently. However, Henry wants to emphasize that it’s not the delivery mechanism that’s a problem. The problem is not taking care of the end game: preventing unauthorized binary from running on your machine in the first place.

IT admins can’t seem to catch a break this year. First, the never-ending stream of Java issues that has kept folks on their toes since January. Now they’ve got another busy month of patches ahead of them, with seven total patches from Microsoft, four of which are critical. However, once again the issues outside of Microsoft will likely eclipse the Patch Tuesday patches this month.

According to Paul Henry, security and forensic analyst at Lumension, three months into 2013 and already we’re seeing higher numbers of patches from Microsoft, particularly across critical patches. Last year at this time, Microsoft was averaging seven patches, only two of which were critical. This year, Microsoft has so far averaged close to nine patches, about four of which are critical. To really put things in perspective, by March of 2011, Microsoft was averaging close to six patches, with around one critical patch. We can only hope that this increase is due to a combination of new platforms and better discovery of vulnerabilities, rather than actual ongoing security problems at Microsoft.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.