Security Advisor

4 'Critical' Bulletins Set for Microsoft's September Patch

Microsoft announced today that its September Security Update will include 14 bulletin items -- four rated "critical" and 10 "important."

With eight fixing remote code execution flaws, three elevation of privilege fixes, two denial of service bulletins and an information disclosure fix, next Tuesday looks to be a busy one for IT.

When prepping your own battle plan for the patch release, a pair of  bulletins should be the first action taken, depending on your IT expertise,  according to Wolfgang Kandek, CTO of security firm Qualys, Inc.

"Bulletin #2 should be high priority for your desktop security team; it addresses a flaw in Microsoft Office that can be triggered simply by previewing an e-mail in Outlook, even without explicitly opening the e-mail. Outlook in Office 2007 and 2010 is affected," said Kandek in an e-mailed response.

As for IT server teams, Kandek said they should focus on the first bulletin as soon as possible, as it concerns SharePoint Servers.

The remaining two critical items include a fix for Internet Explorer (versions 6 through 10) and a flaw correction in Windows XP and Windows Server 2003. With only seven more patch cycles left before XP loses support and 22 cycles left before Windows Server 2003's end of support, look for Microsoft to regularly feature fixes for both in the coming months.

Look for our in-depth look at this month's Microsoft Security Update to arrive with the patch release on Tuesday.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • New Office App Coming to Windows 10 Users

    Microsoft is delivering a new Office app for Windows 10 consumer and business users over the new few weeks, according to a Wednesday announcement.

  • Microsoft Warns .NET Core 1.0 and 1.1 Losing Support in June

    Microsoft gave notice this week that .NET Core 1.0 and 1.1 will fall out of support on June 27, 2019.

  • Microsoft Publishes Windows Deadlines on Upgrading to SHA-2

    Microsoft on Friday described its 2019 timeline for when it will start distrusting Secure Hash Algorithm-1 (SHA-1) in supported Windows systems, as well as in the Windows Server Update Services 3.0 Service Pack 2 management product.

  • Performing a Storage Refresh on Windows Server 2016, Part 1

    To spruce up some aging lab hardware, Brien decided to make the jump to all-flash storage. Here's a walk-through of the first half of the process.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.