News

Six Days in February: Bulletin-Fest at Microsoft

After a slow start in 2002, Microsoft's security apparatus has been busy, issuing one security bulletin in late January and four more bulletins over a six-day period in February.

The first security bulletin of 2002 didn't arrive until Jan. 30, although it was an interesting one. That was the domain trust issue where a malicious administrator with sophisticated code skills could contrive to change his permissions in another trusting domain.

Between Feb. 6 and Feb. 11, Microsoft released four bulletins, including a cumulative patch fixing three critical problems with Internet Explorer. A bulletin involving a moderate risk vulnerability in the Telnet service in Windows 2000 and Interix 2.2 appeared on Feb. 7. Two low risk problems prompted another Feb. 7 bulletin involving Exchange 2000 Server and a Feb. 6 bulletin involving Microsoft Office v. X for Mac.

The flurry of bulletins comes as Microsoft developers undertake a review of product code during the month of February for security issues. That review was prompted by chairman and chief security architect Bill Gates' "Trustworthy Computing" e-mail in January that called for a greater emphasis on security in Microsoft products.

Microsoft did not immediately respond to a request for comment on whether the security bulletin activity was related to the code review.

Microsoft issued 60 security bulletins in 2001, compared with 100 in 2000. It is not an apples-to-apples comparison because Microsoft produced many more rollup patches in 2001 than in the prior year.

Links to Microsoft's current security bulletins can be found here:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-005.asp.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Performing a Storage Refresh on Windows Server 2016, Part 1

    To spruce up some aging lab hardware, Brien decided to make the jump to all-flash storage. Here's a walk-through of the first half of the process.

  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

  • Windows 10 Version 1809 Users May Get Visual Studio Crashes

    Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

  • Standardizing the Look of Outlook's Outbound Messages

    Microsoft typically gives users a blank canvas to compose new e-mails in Outlook. In some corporate environments, however, a blank canvas isn't a good thing.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.