Security Advisor

Microsoft's March Security Update Will Include 7 Bulletins

For those just finishing up applying February's massive patch, it's already time to do it again. Microsoft released its advance notification for March's patch and it looks like there will be a much-more-manageable seven items to deal with.

As per the norm, remote code execution flaw fixes lead the charge and account for three of the four "critical" items. The fourth critical item will be an elevation of privilege fix for Microsoft Office and Microsoft Server Software.

According to security expert Wofgang Kandek, CTO of Qualys, Inc., IT should be ready to jump on bulletin 1 once the patch is released on Tuesday: "Bulletin 1 will be on the top of our list next week," said Kandek in a blog post. "It fixes critical vulnerabilities that could be used for machine takeover in all versions of Internet Explorer from 6 to 10, on all platforms including Windows 8 and Windows RT."

I'd like to shed some more light on what this critical issue is with Internet Explorer, but Microsoft makes sure to keep tight-lipped on the details of flaws until the security update is released.

And look for those details (including the actual patch) to arrive sometime around 10 a.m. PST on Tuesday.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Microsoft Defender ATP Gets macOS Investigation Support

    The endpoint and detection response (EDR) feature in Microsoft Defender Advanced Threat Protection (ATP) has reached the "general availability" stage for macOS devices.

  • How To Block Self-Service Purchasing in Microsoft's Power Platform

    Microsoft threw Office 365 admins a bone when it gave them the ability to block users from purchasing Power Platform tools without IT approval. Here's how to prevent total anarchy.

  • Azure DevOps Services Losing Support for Alternate Credentials

    Microsoft gave notice last week that it's going to drop Alternate Credentials support for authenticating users of its Azure DevOps Services.

  • Microsoft Endpoint Configuration Manager Update 1910 Released

    Microsoft announced last week that it is starting to deliver Update 1910 for Microsoft Endpoint Configuration Manager users.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.