News

Patch Tuesday: Expect Six Security Fixes

After a record-breaking Patch Tuesday in October, November's security update promises to be a bit lighter with six scheduled fixes, three deemed "critical" and three "important."

This month's patch rollout is expected to have five bulletins addressing remote code execution vulnerabilities, while the remaining fix will address denial-of-service issues.

The first scheduled fix will be a critical bulletin affecting Vista and Windows Server 2008. The second critical fix affects only Windows 2000. Meanwhile, the third and final critical item touches every Windows OS except for Windows 7.

Microsoft expects to issue three important fixes, with the first bulletin affecting every OS except for Vista and Windows 7. The remaining two important fixes will address XP-based Microsoft Office applications, including Excel, Excel Viewer for Office 2003, 2007 Microsoft Office System, and Office for Mac 2004 and 2008.

Paul Henry, security and forensic analyst at Lumension, speculated that some of the fixes may be updates to or re-releases of security bulletins that were issued in October.

"These include Live Communications Server 2005 and Office Communications Server 2007, as well as scenarios involving the usage of Windows Server Update Services or running Microsoft Office Access Runtime 2003," he said.

Many experts are predicting that at least one of the Office Communication Server fixes will be included in the November patch slate, although Microsoft has not indicated so.

What won't likely be a surprise, however, is that all six patches will require a restart.

The Knowledge Base article for this month, as usual, outlines what nonsecurity updates IT pros should expect via Windows Server Update Services, Windows Update and Microsoft Update services.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Office 365 Attack Simulator Now Supports Attachments

    The Attack Simulator in Office 365 tool has been updated and now has the ability to include message attachments in targeted campaigns, according to a Friday Microsoft announcement.

  • How To Disable Touch Input in Windows 10

    When the touchscreen on your Windows 10 laptop goes bad, there's no reason to throw that baby out with the bath water.

  • Microsoft Previews Windows VM Authentications via Azure Active Directory

    Microsoft on Thursday announced a preview of remote authentications into Windows-based Azure virtual machines (VMs) using Azure AD credentials.

  • Windows Server 20H1 Getting Smaller Containers and Faster PowerShell

    Microsoft is promising to deliver a smaller container size and improved PowerShell performance with its next release of Windows Server.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.