News

Microsoft Releases 12 Security Bulletins, 8 Critical

Microsoft on Tuesday delivered its promised heavy load of security bulletins, including two patches for critical flaws already in the public domain.

In all, Microsoft put out 12 security bulletins, one less than the company warned subscribers about last week in its Microsoft Security Bulletin Advanced Notification. Those bulletins covered 17 security vulnerabilities. Ten of the security vulnerabilities covered in eight of the bulletins are critical flaws, according to Microsoft's rating system.

Many of the flaws involved various flavors of the Windows operating system, with nine different bulletins addressing problems with Windows. Other Microsoft bulletins addressed problems in Office, Internet Explorer, .NET, Windows Media Player, Windows Messenger, MSN Messenger, Project and Visio.

Flaws in the public domain usually cause the most concern. Most vulnerabilities are secret until Microsoft patches them, giving attackers and users the same starting line in the race on the one hand to exploit the flaws and on the other hand to patch the vulnerabilities.

One of the critical public flaws patched Tuesday affects Windows and could allow remote code execution from a flaw in an ActiveX control. The bulletin, MS05-013, is critical for Windows 2000, Windows 98, Windows 98 Second Edition and Windows ME. It is classified important for Windows XP with Service Pack 2 and moderate for Windows Server 2003.

The other critical public flaw involves a vulnerability in PNG processing that could allow an attacker to take complete control of a user's system over the Internet. It is addressed in bulletin MS05-009, which covers Windows Messenger, MSN Messenger and Windows Media Player.

The bulletin that includes the most patches is MS05-014, a cumulative update for Internet Explorer. The cumulative update includes patches for two critical vulnerabilities, an important vulnerability and a moderate flaw.

To view Microsoft's summary of the month's patches, click here.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Old Stone Wall Graphic

    Microsoft Addressing 36 Vulnerabilities in December Security Patch Release

    Microsoft on Tuesday delivered its December bundle of security patches, which affect Windows, Internet Explorer, Office, Skype for Business, SQL Server and Visual Studio.

  • Microsoft Nudging Out Classic SharePoint Blogs

    So-called "classic" blogs used by SharePoint Online subscribers are on their way toward "retirement," according to Dec. 4 Microsoft Message Center post.

  • Datacenters in Space: OrbitsEdge Partners with HPE

    A Florida-based startup is partnering with Hewlett Packard Enterprise in a deal that gives new meaning to the "edge" in edge computing.

  • Windows 10 Hyper-V vs. Windows Server Hyper-V: Which Platform for Which Workloads?

    The differences between these two Hyper-V versions are pretty significant, depending on what you plan to use them for. Here's a quick rundown of each platform, from their features to licensing quirks to intended use cases.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.