Security Advisor

4 'Critical' Bulletins Set for Microsoft's September Patch

Microsoft announced today that its September Security Update will include 14 bulletin items -- four rated "critical" and 10 "important."

With eight fixing remote code execution flaws, three elevation of privilege fixes, two denial of service bulletins and an information disclosure fix, next Tuesday looks to be a busy one for IT.

When prepping your own battle plan for the patch release, a pair of  bulletins should be the first action taken, depending on your IT expertise,  according to Wolfgang Kandek, CTO of security firm Qualys, Inc.

"Bulletin #2 should be high priority for your desktop security team; it addresses a flaw in Microsoft Office that can be triggered simply by previewing an e-mail in Outlook, even without explicitly opening the e-mail. Outlook in Office 2007 and 2010 is affected," said Kandek in an e-mailed response.

As for IT server teams, Kandek said they should focus on the first bulletin as soon as possible, as it concerns SharePoint Servers.

The remaining two critical items include a fix for Internet Explorer (versions 6 through 10) and a flaw correction in Windows XP and Windows Server 2003. With only seven more patch cycles left before XP loses support and 22 cycles left before Windows Server 2003's end of support, look for Microsoft to regularly feature fixes for both in the coming months.

Look for our in-depth look at this month's Microsoft Security Update to arrive with the patch release on Tuesday.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Industrial Control System Honeypot Illustrates Bad Security Practices

    Security solutions provider Trend Micro has published results (PDF) from running an industrial control system (ICS) "honeypot."

  • Ransomware: What It Means for Your Database Servers

    Ransomware affects databases in very specific ways. Joey describes the mechanics of a SQL Server ransomware attack, what DBAs can do to protect their systems, and what security measures they should be advocating for.

  • Windows Admin Center vs. Hyper-V Manager: What's Better for Managing VMs?

    Microsoft's preferred interface for Windows Server is Windows Admin Center, but can it really replace Hyper-V Manager for managing virtual machines? Brien compares the two management tools.

  • Microsoft Offers More Help on Windows Server 2008 Upgrades

    Microsoft this week published additional help resources for organizations stuck on Windows Server 2008, which fell out of support on Jan. 14.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.