News

Light 'Patch Tuesday' On Tap

November looks to be one of the thinnest patches releases of 2007 as Microsoft said it plans to release just two security bulletins.

November looks to be one of the thinnest patches releases of 2007 as Microsoft said it plans to release just two security bulletins, one "Critical" and one "Important."

The lone critical issue has remote code execution implications and affects Windows XP Service Pack 2, all versions of XP Professional 64 and multiple versions of Windows Server 2003, including both service packs for Intel Itanium processor-based systems, which are mainly used in enterprise server environments.

The second patch, labeled as important, deals with a subject Microsoft announced ahead of last month's patch release and then pulled off the table for the actual release -- spoofing.

Spoofing attacks occur when a hacker or malicious program hides its identity, throwing security admins off the trail by pretending to be someone or something entirely different. They then use this anonymity to gain unwarranted Read and/or Write access.

The issue covers Windows 2000 Service Pack 4 and every Windows Server 2003 version.

Both fixes will require system restarts.

The company will release, as usual, an update to the Microsoft Windows Malicious Software Removal Tool. Redmond also plans to roll out three high-priority non-security updates on Microsoft Update; there are none for Windows Update.

Thursday's advance notification isn't the final word; but security experts should always pay closer attention to server side or network level threats, and despite the light release, this month may be no different.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Malwarebytes Affirms Other APT Attack Methods Used Besides 'Solorigate'

    Security solutions company Malwarebytes affirmed on Monday that alternative methods besides tainted SolarWinds Orion software were used in the recent "Solorigate" advanced persistent threat (APT) attacks.

  • How To Fix the Hyper-V Read Only Disk Problem

    DOS might seem like a relic now, but sometimes it's the only way to fix a problem that Windows seems ill-equipped to deal with -- like this one.

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

comments powered by Disqus