No Luck O’ the Irish for IT this St. Patty’s Day

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next No Luck O’ the Irish for IT this St. Patty’s Day-6 Next

The last of the critical updates is MS13-024, which is an elevation of privilege issue with SharePoint. Interestingly, Henry points out, only one of the four CVEs is a critical one. That elevation of privilege vulnerability, which looks eerily like a cross-site scripting issue, would allow attackers to read and write into memory and tamper with content. The other CVEs are a moderate class denial of service and two important elevation of privilege issues. 

IT admins can’t seem to catch a break this year. First, the never-ending stream of Java issues that has kept folks on their toes since January. Now they’ve got another busy month of patches ahead of them, with seven total patches from Microsoft, four of which are critical. However, once again the issues outside of Microsoft will likely eclipse the Patch Tuesday patches this month.

According to Paul Henry, security and forensic analyst at Lumension, three months into 2013 and already we’re seeing higher numbers of patches from Microsoft, particularly across critical patches. Last year at this time, Microsoft was averaging seven patches, only two of which were critical. This year, Microsoft has so far averaged close to nine patches, about four of which are critical. To really put things in perspective, by March of 2011, Microsoft was averaging close to six patches, with around one critical patch. We can only hope that this increase is due to a combination of new platforms and better discovery of vulnerabilities, rather than actual ongoing security problems at Microsoft.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.