Barney's Blog

Blog archive

Patch Twos-Day

IT pros have an easy week this week, at least when it comes to Microsoft patches: Only two fixes were delivered yesterday.

As usual, remote code execution is the biggest problem, and one patch fixes an RCE flaw that exists in all flavors of Windows. Sounds like this puppy should be installed pronto.

The other patch really isn't a patch in the sense that it doesn't close any vulnerabilities or fix any bugs. Instead, this patch -- which you should install only if you get a notice from Microsoft -- removes bits of XML technology from Microsoft Word. That XML technology violates a patent held by i4i, a Canadian content management company, a U.S. court found. Microsoft argues that removing the offending technology isn't a big deal and won't affect the performance or functionality of Word.

But if you think Microsoft has the software with the most holes, think again. Oracle this week issues two dozen patches. Larry's been busy!

Which vendors do a good job with patches and which don't? Answers welcome at [email protected]

Posted by Doug Barney on 01/13/2010 at 1:17 PM


Featured

  • Microsoft Talks Teams and SharePoint at Modern Workplace Event

    It's a hybrid world, but remote work is here to stay, according to Microsoft's Teams and SharePoint head Jeff Teper.

  • Malwarebytes Affirms Other APT Attack Methods Used Besides 'Solorigate'

    Security solutions company Malwarebytes affirmed on Monday that alternative methods besides tainted SolarWinds Orion software were used in the recent "Solorigate" advanced persistent threat (APT) attacks.

  • How To Fix the Hyper-V Read Only Disk Problem

    DOS might seem like a relic now, but sometimes it's the only way to fix a problem that Windows seems ill-equipped to deal with -- like this one.

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

comments powered by Disqus