HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 6 MINUTES AGO.
You are here: Home / Microsoft/Windows / July Fireworks for Patch Tuesday
Patch Tuesday Continues July Fireworks for IT Admins
Patch Tuesday Continues July Fireworks for IT Admins
By Jennifer LeClaire / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JULY
06
2012
Microsoft just announced the bugs it plans to patch on Tuesday. In all, Redmond will fix nine issues. Three of those vulnerabilities are rated "critical," which means they could allow hackers to launch remote code executions. The others vulnerabilities are rated "important."

The July release includes nine bulletins addressing 16 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, and Visual Basic for Applications," said Angela Gunn of Microsoft's Trustworthy Computing Group. "As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible."

Across the Microsoft Board

Paul Henry, a security and forensic analyst at Lumension, said it looked like IT administrators would have to deal with more fireworks this month.

That, he said, is because nine patches is more than double last year's July patches: 4 total, with only 1 critical. According to his research, this puts Microsoft at 51 bulletins for 2012, about on par with 2011, which saw 56 bulletins at this time last year.

"Looking at the bulletins, one of the first things that jumps out is that these really impact the entire family of products, from XP all the way to 2008," Henry told us. "This is really a weird mix of patches, impacting both legacy and current generation software with critical issues."

Henry noted that it remains unclear if Microsoft will issue a patch this month for the XML Core Services issue that is currently being actively exploited in IE attacks. Microsoft normally includes details in its pre-release information if a zero-day patch is included, he explained.

However, in the July pre-release, Microsoft didn't call this out. Microsoft issued a FixIt tool to address the XML Core Services zero-day vulnerability and that may remain the only solution for IT admins in July.

New OSes on Horizon

Beyond July's Patch Tuesday, Henry is looking forward to the next set of potential targets: new operating systems from both Apple and Microsoft. Apple will soon release Mountain Lion and Microsoft is readying Windows 8. Although the full impact on IT remains to be seen, Henry said you can get a jump start by reading about some of the security features for both.

"Mountain Lion is a definite step forward for Apple security, with several new features to make it easier for IT to secure these machines. White-listing, sandboxed applications and daily updates go a long way in securing these products," Henry said.

"Windows 8 will also feature white listing and sandboxed apps, as well as a continuously running security system that starts protecting machines before the operating system is even fully booted."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Neustar, Inc. (NYSE: NSR) is a trusted, neutral provider of real-time information and analysis to the Internet, telecommunications, information services, financial services, retail, media and advertising sectors. Neustar applies its advanced, secure technologies in location, identification, and evaluation to help its customers promote and protect their businesses. More information is available at www.neustar.biz.
MORE IN MICROSOFT/WINDOWS
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.