News

First Patch Tuesday of 2008 Expected To Be Light

Microsoft's first Patch Tuesday of 2008 is a light one, a welcome respite following December's Vista-heavy security bulletin rollout.

IT pros still recovering from the holidays can take heart: Microsoft's first Patch Tuesday of 2008 is a light one, a welcome respite following December's Vista-heavy security bulletin rollout.

There are only two patches for January: one "Critical," one "Important."

The lone critical patch fixes vulnerabilities to remote code execution (RCE) exploits. The issue affects Microsoft Windows 2000 Service Pack 4, Windows XP, Windows Server 2003 and all versions of Vista, which security experts believe will be patched a lot this year.

The important patch deals with local or client-side elevation of privilege. This type of attack can give the hacker control of the whole processing environment as a "superuser." Windows 2000 SP 4, XP and Windows 2003 are affected by this bulletin.

Both updates will require a restart; administrators can run Baseline Security Analyzer to detect whether workstations require these updates.

Redmond also plans to release five non-security updates on Microsoft Update and Windows Server Update Services as well as two non-security, high-priority updates for Windows and Windows Update Server Update Services. The latest version of the Malicious Software Removal Tool will be available as well.

This isn't the final word on Tuesday's release as the patch count as well as purpose of each patch could change, but a smaller release such as this should leave time for IT pros to tie up any loose ends from 2007. More information is available on the TechNet Web site.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Secured-Core PCs Promise To Stop Malware at the Firmware Level

    Microsoft and its hardware partners recently described new "Secured-core" PCs, which add protections against firmware-based attacks.

  • How To Ransomware-Proof Your Backups: 4 Key Best Practices

    Backups are the only guaranteed way to save your data after a ransomware attack. Here's how to make sure your backup strategy has ransomware mitigation built right in.

  • Microsoft Buys Mover To Aid Microsoft 365 Shifts

    Microsoft announced on Monday that it bought Mover to help organizations migrate data and shift to using Microsoft 365 services.

  • Microsoft Explains Windows 7 Extended Security Updates Setup Process

    Microsoft this week described installation instructions for volume licensing users of Windows 7 Service Pack 1 to get Extended Security Updates (ESU) activated on PCs.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.