Microsoft Plans Nine for September Patch Tuesday

For the second month in a row, Microsoft will be rolling out a heavier than usual patch load of nine.

The monthly patch updates include four security updates deemed "critical" and five are labeled "important."
"I expect some of the bulletins to address DLL Hijacking issues in Microsoft's own products, but it will be interesting to see if Microsoft will change its guidance for the recent hotfix (KB2264107)," said Wolfgang Kandek, chief technology officer of Qualy, Inc. "Currently, it is only at the advisory level that users have to make an active decision to get protection against DLL Hijacking in third-party applications."
All but two of the nine patches will have remote code execution (RCE) risk considerations, with the remaining two relating to the elevation of privilege threats. The patches will cover 13 vulnerabilities in total.
Critical Patches
The first critical update will be a Windows fix for every supported OS, while the second fix will affect every OS except Windows 7 and Windows Server 2008.
The third critical item is a combination Office- and OS-level fix for Microsoft Office XP Service Pack 3, Microsoft Office 2003 Service Pack 3 and Microsoft Office 2007 Service Pack 2.  The fourth critical item will also be an Office fix and will affect the same versions.
Important Patches
Every important bulletin covers Windows OS-level threats.
The first important item will cover every supported Windows OS, while the second patch will only affects XP and Windows Server 2003.
Important patch No. 3 will also be a Windows fix and cover XP and Windows Server 2003.
Just as with the first patch, the fourth important item will cover every supported OS and the fifth and final patch in this category will only stave off bugs for XP and Windows Server 2003.
Every patch on the slate may require a restart.
Windows IT pros can, as usual, check this Knowledge Base article for non-security updates rolled out through Windows Server Update Services, Windows Update and Microsoft Update services.
As with last month, Windows XP SP2 users do not have any patches supplied to them, said Kandek.
"Even though the majority of updates for XP SP3 most likely apply to their discontinued version of the OS as well, Windows XP SP2 users should upgrade to SP3 as quickly as possible," added Kandek.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.


  • Azure Active Directory Proxy Service Now Supports SAML Identity

    Microsoft announced on Tuesday that the Azure Active Directory (AD) Proxy service now works with applications that use the Security Assertion Markup Language (SAML) 2.0 for user authentications.

  • How To (Safely) Run Untrusted Applications in Windows 10

    The new Sandbox feature in Windows 10 lets organizations run potentially risky executables in isolation, without having to set up a virtual machine.

  • Office 365 App Activations Getting Streamlined for End Users

    Microsoft plans to ease the Office 365 app installation experience for end users, starting as early as next month, for organizations using some monthly subscription plans, according to a Monday announcement.

  • Nebula

    With $1 Billion Investment, Microsoft Sets Sights on 'Artificial General Intelligence'

    A $1 billion investment from Microsoft promises to turbocharge the efforts of research outfit OpenAI around artificial general intelligence (AGI).

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.