News

9 Fixes Scheduled for Microsoft's August Security Update

Microsoft's August Patch Tuesday release will feature nine bulletin items, with five being rated "critical", according to Microsoft's Security Bulletin Advance Notification.

Microsoft's OS is the largest target of this month's batch of fixes, as three of the five critical items and two "important" bulletins feature tweaks for multiple versions of Windows.

"It's a busy Patch Tuesday this month, with lots of reboots, affecting all versions of Windows," commented Paul Henry, Security and Forensic Analyst for security firm Lumension. "No one gets a break this month. Some of the updates this month will have far reaching impact and they include patches to new problems, updates to old problems and something that might cause you a little more work than you might have been anticipating this month."

All five critical items and three of the five important bulletins address remote code execution flaws, while a lone elevation of privilege fix for Windows makes up the final item.
Along with Windows, Microsoft Office, Internet Explorer, SQL Server and Microsoft Developer Tools will be targeted for this month's update.

Security experts are advising that IT prioritizes bulletin 5 to the top of the list on Tuesday, as it addresses a known problem with the Oracle software Outside In, which is licensed in Exchange.

This [bulletin] is interesting from an exploitation standpoint because Exchange servers are usually exposed on the Internet," said Marcus Carey, security researcher at Rapid7, in an e-mailed statement. "When attackers hear 'remote code execution on Exchange' it's music to their ears. They could see potential for remote discovery, remote exploitation and propagation of attacks since Exchange is the epicenter of most organizations' communications. Email servers are prime targets for exploitation."

Look for more information on August's Security Update once released this Tuesday around 10 a.m. PST.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

comments powered by Disqus

Reader Comments:

Mon, Aug 13, 2012 Editor

As stated in the article, we do not know the specifics of Microsoft's Security Updates until after release.

Sat, Aug 11, 2012 HillRunner United States

Which Windows? 7? Vista? XP?? Or are they already patching 8?

Sat, Aug 11, 2012 HillRunner United States

Which Windows? 7? Vista? XP?? Or are they already patching 8?

Thu, Aug 9, 2012

Whenever Microsoft legal eagles draft a new addendum to the terms of use, a press release comes out encouraging a large group of "critical" updates. Now if only the engineering team could put out new features in the same way, we'd be pleased.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.