UPDATE: Microsoft Encounters Problems Pushing Out Oct. Patches
As expected, Microsoft released 10 patches today covering a variety of Windows
and Office flaws; however, many organizations didn't get the patches until hours after they were released due
to a glitch in Redmond's automatic distribution system.
According to a Microsoft
Security Response Center Blog post made today by Craig Gehre, Microsoft
experienced a "delay in [its] release process" due to "unexpected
issues" -- meaning that the patches were not instantly distributed via WSUS,
Automatic Updates, Windows Update and Microsoft Update.
"To be clear, it's a delay due to the networking for these systems,"
Gehre wrote. "There are no issues with the security updates themselves.
Also, this issue doesn't affect customers using Software Update Services (SUS),
Windows Update v4 or Office Update."
Gehre posted an update later in the day saying that the issue had been fixed.
The patches -- six of which are rated "critical" -- are part of Redmond's
regularly scheduled "Patch Tuesday" update.
Two of the critical patches are related to Windows, one to Office in general
and one each to Excel, Word and PowerPoint. If left unpatched, all "could
allow remote code execution," as the company likes to say.
The Word patch actually addresses several vulnerabilities -- including the
unpatched zero-day flaw discovered in early September.
The one patch rated "important" relates to a denial of service flaw
in Server Service. The two "moderate" patches fix problems with the
Windows .NET Framework and Windows' Object Packager.
The patch rated "low" deals with a TCP/IP flaw.
For full details on all of these patches, go here.