Barney's Blog

Blog archive

Silent, But Not Deadly

Every month, usually before and after the first Tuesday of the month, I bring you news of the latest public Microsoft patches. But not all patches are so public. There are also so-called "silent patches" that Microsoft releases without detailing.

What Microsoft does, according to a Shavlik patch exec, is pretty normal. Microsoft sees various vulnerabilities, or variants, and rolls the fixes into its monthly patch batch without spelling out all the details. A variant is where a common flaw is analyzed by hackers, who then attack closely related (but not always fixed) flaws.

In fact, Shavlik likes this approach. Variants are cured, and IT isn't overwhelmed with a bazillion patches to install.

What say you? Do you need each and every detail of each patch? Say it, don't spray it at dbarney@redmondmag.com.

Posted by Doug Barney on 02/18/2011 at 1:18 PM


Featured

  • Microsoft Publishes Windows Deadlines on Upgrading to SHA-2

    Microsoft on Friday described its 2019 timeline for when it will start distrusting Shell Hashing Algorithm-1 (SHA-1) in supported Windows systems, as well as in the Windows Server Update Services 3.0 Service Pack 2 management product.

  • Performing a Storage Refresh on Windows Server 2016, Part 1

    To spruce up some aging lab hardware, Brien decided to make the jump to all-flash storage. Here's a walk-through of the first half of the process.

  • Datacenters Are Cooling Down as Buildouts Heat Up

    Tech giants Google, Apple and others are expanding their datacenter footprints at a rapid rate, and it's pushing the industry to find better ways to power all that infrastructure.

  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.