Only 2 'Important' Items for Microsoft's September Security Update

Microsoft's security update for the month of September arrived today with just two bulletin items. This is the lowest number of fixes Microsoft has issued since January 2011.

Both bulletin items repair elevation of privilege flaws for Microsoft Developer Tools and Microsoft Server Software. And because neither have been designated "critical" (both are rated "important'), only apply after proper testing has concluded.

"Neither of the issues addressed is known to be under active exploit in the wild -- and, on another positive note, neither bulletin requires customers to restart their machines," wrote Microsoft's Angela Gunn in a blog post.

While the urgency to apply these two bulletins isn't as high as last month's security update, which featured five critical items, security researchers are warning that these security flaws should not be ignored.

"Both of these bulletins are pretty low risk to most organizations; however, employees should never be allowed to browse the Internet or check e-mail from servers that this software could reside on," said Marcus Carey, security researcher at Rapid7, in an e-mailed response. "To be able to exploit these vulnerabilities, an attacker would craft a malicious link for a victim to click on, allowing them to compromise the victim's system. It's always a good idea to educate employees/ end-users on how to spot and avoid suspect links."

Along with today's security release, Microsoft sent word that it is currently working on an update for Internet Explorer 10 to include a security fix for Adobe Flash that was released last month.

About the Author

Chris Paoli is the site producer for and


  • Windows 10 Preview Adds Windows Subsystem for Linux 2 on ARM64 Devices

    Microsoft's latest Windows 10 preview release for testers (build 18980), announced on Wednesday, includes support for version 2 of the Windows Subsystem for Linux, plus ARM64 device support for WSL 2.

  • Microsoft Defender Advanced Threat Protection Evaluation Lab Now Available

    The Microsoft Defender Advanced Threat Protection (ATP) Evaluation Lab is now ready for use by organizations.

  • How Organizations Can Adapt to SharePoint's 'Modern' Shift

    In a September interview, SharePoint expert Asif Rehmani described how users, developers and organizations are dealing with SharePoint Online's so-called "modern" innovations.

  • Microsoft Urges LDAP Workaround Fix for Windows Systems

    Microsoft updated an August security advisory this week to urge organizations using the Lightweight Directory Access Protocol in supported Windows systems to implement some configuration changes manually.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.