Security Advisor
Microsoft's March Security Update Will Include 7 Bulletins
For those just finishing up applying February's massive patch, it's already time to do it again. Microsoft released its advance notification for March's patch and it looks like there will be a much-more-manageable seven items to deal with.
As per the norm, remote code execution flaw fixes lead the charge and account for three of the four "critical" items. The fourth critical item will be an elevation of privilege fix for Microsoft Office and Microsoft Server Software.
According to security expert Wofgang Kandek, CTO of Qualys, Inc., IT should be ready to jump on bulletin 1 once the patch is released on Tuesday: "Bulletin 1 will be on the top of our list next week," said Kandek in a blog post. "It fixes critical vulnerabilities that could be used for machine takeover in all versions of Internet Explorer from 6 to 10, on all platforms including Windows 8 and Windows RT."
I'd like to shed some more light on what this critical issue is with Internet Explorer, but Microsoft makes sure to keep tight-lipped on the details of flaws until the security update is released.
And look for those details (including the actual patch) to arrive sometime around 10 a.m. PST on Tuesday.