Security Advisor

Microsoft Readies 'Critical' Updates for Windows, IE and Exchange for August Patch

Microsoft's light monthly update will feature a majority of fixes for Windows.

As with every Thursday before Microsoft's Patch Tuesday release, Redmond has sent along its purposely vague information on what IT can expect for the upcoming security update.

This month will feature three bulletin items rated "critical" and five designated "important." The most noteworthy of the three is a Windows XP and Windows Server 2003 bug that can be remotely executed if gone unpatched. With official support for Windows XP ending in April 2014, this looks to be one of the final fixes for the aging OS. Those not running XP will be excused from this update.

Keeping its streak alive, this month also features yet another critical Internet Explorer fix on all versions of the Microsoft browser. It's advised that IT get this one rolled out as soon as possible due to the relative ease it is to exploit, especially if employees' security browsing habits are less than safe.

Finally, the third is a somewhat rare fix for Exchange -- a remote code execution issue found in all versions.

The five important items look to address elevation of privilege, denial of service and information disclosure flaws all found in different versions of Windows.

While only coming packed with three critical security fixes for the month (two if you've already moved off XP)  puts August's patch on the lighter side, 2013 has been a busy year for both Microsoft's security team and IT pros. Paul Henry, security and forensics analyst at Lumension, breaks down the numbers for us:

"With 8 bulletins today, Microsoft's year-to-date total is 65 patches," said Henry in an e-mailed response. "For anyone keeping track, that's seven more than what we had covered off on last year at this time. At the start of the year, we anticipated higher numbers in 2013 given Microsoft's commitment to cleaning up the low hanging fruit out there. Last year at this time there were 35 important patches issued; we now see 40. Our criticals in 2013 number 25 with 35 in total for 2012. Good news there."

As always, look for more details and the actual patch to land on Tuesday morning.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus