Security Advisor

Microsoft Readies 'Critical' Updates for Windows, IE and Exchange for August Patch

Microsoft's light monthly update will feature a majority of fixes for Windows.

As with every Thursday before Microsoft's Patch Tuesday release, Redmond has sent along its purposely vague information on what IT can expect for the upcoming security update.

This month will feature three bulletin items rated "critical" and five designated "important." The most noteworthy of the three is a Windows XP and Windows Server 2003 bug that can be remotely executed if gone unpatched. With official support for Windows XP ending in April 2014, this looks to be one of the final fixes for the aging OS. Those not running XP will be excused from this update.

Keeping its streak alive, this month also features yet another critical Internet Explorer fix on all versions of the Microsoft browser. It's advised that IT get this one rolled out as soon as possible due to the relative ease it is to exploit, especially if employees' security browsing habits are less than safe.

Finally, the third is a somewhat rare fix for Exchange -- a remote code execution issue found in all versions.

The five important items look to address elevation of privilege, denial of service and information disclosure flaws all found in different versions of Windows.

While only coming packed with three critical security fixes for the month (two if you've already moved off XP)  puts August's patch on the lighter side, 2013 has been a busy year for both Microsoft's security team and IT pros. Paul Henry, security and forensics analyst at Lumension, breaks down the numbers for us:

"With 8 bulletins today, Microsoft's year-to-date total is 65 patches," said Henry in an e-mailed response. "For anyone keeping track, that's seven more than what we had covered off on last year at this time. At the start of the year, we anticipated higher numbers in 2013 given Microsoft's commitment to cleaning up the low hanging fruit out there. Last year at this time there were 35 important patches issued; we now see 40. Our criticals in 2013 number 25 with 35 in total for 2012. Good news there."

As always, look for more details and the actual patch to land on Tuesday morning.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Azure Cost Management Now Commercially Available for Some Tenancies

    Microsoft on Monday announced that its Azure Cost Management feature had reached the "general availability" release stage for both Azure "pay-as-you-go" customers and Azure Government tenancies.

  • Microsoft Bringing Files Restore Capability to SharePoint Online and Teams

    Microsoft on Monday announced that it's delivering its Files Restore feature for SharePoint Online and Microsoft Teams to Office 365 tenancies as early as this month.

  • Microsoft Nabs IoT Platform Provider Express Logic

    As part of its plan to invest $5 billion in IoT technologies, Microsoft this week acquired Express Logic, which provides real-time operating systems for industrial embedded and IoT devices.

  • Dealing with Broken Dependencies in SCVMM

    Brien shows you how to resolve some broken, template-related dependencies in Microsoft's System Center Virtual Machine Manager.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.