News
No 'Critical' Fixes Planned for Microsoft's Light September Security Update
Microsoft's security update for September looks to be a small one, with only two "important" bulletin items scheduled.
"September has historically been a light month for security updates, and this month we have two Important-class bulletins addressing four issues in Visual Studio Team Foundation Server and System Center Configuration Manager," wrote Microsoft's Trustworthy Computing's Angela Gunn.
Both items address elevation of privilege flaws.
With a light patch load, Gunn took the opportunity to once again remind users of Security Advisory 2661254, which updates the minimum length of certificates with RSA keys.
"To help ensure that all customers are prepared for the update, we are reiterating those announcements before releasing the requirement change with our monthly bulletins on Oct. 9," said Gunn. "Though many have already moved away from such certificates, customers will want to take advantage of September's quiet bulletin cycle to review their asset inventories -- in particular, examining those systems and applications that have been tucked away to collect dust and cobwebs because they 'still work' and have not had any cause for review for some time."
Along with making the necessary preparations for the RSA key switchover, taking time to apply the recently released Java update is also recommended.
Microsoft will release September's security update on Tuesday morning.