News

Microsoft's September Security Bulletin Will Lack 'Critical' Fixes

This looks to be a lighter patch month, with no "critical" items making it into in September's Microsoft Security Bulletin.

To that end, the five items on this month's slate are all labeled "important."

Windows, Microsoft Office and Microsoft Server and related components are among the programs that will be touched this month. Three of these items are remote code execution considerations and the remaining will relate to elevation-of-privilege risks in the functionality of applicable products and services.

All items may require restarts.

"It's easy for organizations to gain a false sense of security during a light patch month and sometimes an attitude of complacency towards non-critical vulnerabilities is evident" said Marcus Carey, security researcher from Rapid7, speaking on this month's light offering. "But while there are no 'critical' bulletins this month, organizations should not downplay the vulnerabilities being addressed. I know of organizations that have 30-day patch requirements for 'critical' -- which is too long in my opinion -- and up to three months to patch 'important' and below."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus