News

Microsoft Gives IT Staff Break with Light March Patch Update

Staying true to form and pattern, Redmond once again follows last month's large patch load with a small rollout for the month of March.

This month's slate of security updates comes in at three -- one "critical" and two "important."

The three patches are all designed to thwart remote code execution (RCE) exploits.

"Microsoft may have cleaned up a lot of loose ends with the release of Windows 7 and Windows Server 2008 R2 Service Pack 1, leaving little to address in this first Patch Tuesday following the release of SP1,"notes Paul Henry, Security Analyst at Lumension "That being said, we do not have any confirmation that the patches released this period will address yet another recently disclosed IE day zero vulnerability."

XP, Vista, Windows 7 and Windows Server 2008 are the operating systems touched with the first and only critical patch.

Like the first critical patch, the No. 1 important patch is an OS-level update. Unlike the critical item, the first important bulletin touches every supported operating system.

Lastly, the second important patch, and the last of the total three, is an office application patch that will probably evoke more answers in a Microsoft-themed trivial pursuit game than critical security analysis.

It's a rare direct-to-application patch affecting Microsoft Groove 2007.

Microsoft Office Groove, is a product of Redmond's 2005 acquisition of Groove Networks. Office Groove has now been integrated into SharePoint Workspace as an application for project management and workflow collaboration. It can be configured for users working offline and also for users with different administrative access to application files.

All three patches may require a restart of a Windows workstations and processing environments.

Rapid7 security researcher, Josh Abraham, describes March's thin rollout as "catch up month for Microsoft developers as well as sys-administrators in the industry who still haven't fully patched bulletins from big January and February updates."

For information about non-security releases on Windows Update and Microsoft Update, Microsoft offers up this knowledgebase article for the Windows IT pro's perusal.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Old Stone Wall Graphic

    Microsoft Addressing 36 Vulnerabilities in December Security Patch Release

    Microsoft on Tuesday delivered its December bundle of security patches, which affect Windows, Internet Explorer, Office, Skype for Business, SQL Server and Visual Studio.

  • Microsoft Nudging Out Classic SharePoint Blogs

    So-called "classic" blogs used by SharePoint Online subscribers are on their way toward "retirement," according to Dec. 4 Microsoft Message Center post.

  • Datacenters in Space: OrbitsEdge Partners with HPE

    A Florida-based startup is partnering with Hewlett Packard Enterprise in a deal that gives new meaning to the "edge" in edge computing.

  • Windows 10 Hyper-V vs. Windows Server Hyper-V: Which Platform for Which Workloads?

    The differences between these two Hyper-V versions are pretty significant, depending on what you plan to use them for. Here's a quick rundown of each platform, from their features to licensing quirks to intended use cases.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.