Your Ad Here Your Ad Here
Results 1 to 9 of 9

Thread: Microsoft To Post 6 Patches Next Week

  1. #1
    frizshizzle's Avatar now paranoid. BT Rep: +1
    Join Date
    Aug 2006
    Location
    good ol' England
    Posts
    228
    Microsoft plans five updates for Windows and one for XML Core Services. At least two of the updates will be labeled "critical," Microsoft's highest warning rating.

    Microsoft Corp. announced Thursday that it will release six security updates next week, including at least one to fix a vulnerability that attackers are already actively exploiting.

    In the advance notification posted on its Web site mid-morning Thursday, Microsoft said it would release five updates for Windows and one targeting XML Core Services. At least two of the updates will be labeled "critical," Microsoft's highest warning rating.

    Typically, the Redmond, Wash. developer doesn't disclose the exact components, services, or applications to be patched prior to delivering the updates on the second Tuesday of each month. But the fix for Microsoft XML Core Services, a flaw that's currently being attacked by hackers, was specifically called out in the advance alert.

    Last weekend, Microsoft acknowledged that a bug in an ActiveX component of Microsoft XML Core Services 4.0 was being exploited; in a blog entry, a Microsoft Security Response Center program manager characterized the attacks as "limited."

    One of the 11 October patches supposedly fixed a problem in XML Core Services, but at least one vulnerability was apparently missed then, said Minoo Hamilton, senior security researcher with patch management vendor nCircle, on Monday.

    Other yet-to-be-patched flaws have been reported by Microsoft, including a bug in an ActiveX control in Visual Studio 2005. Several vulnerabilities in Internet Explorer, including IE 7, have also been disclosed recently.

    Last month, Microsoft unveiled 10 updates, but the month before it rolled out only three. The six scheduled to land next week, however, will push the year's total to 71, just one shy of the all-time record of 72 security fixes in 2002.

    The updates will be available for manual download from the Microsoft Web site on Tuesday, Nov. 14 at approximately 10 a.m. PDT. Automatic updates to users' computers will begin shortly after that.

    oooo another black Tuesday bit like Smallville's dark Thursday.

    Source: http://www.informationweek.com/secur...leID=193700248

  2. News (Archive)   -   #2
    Hairbautt's Avatar *haircut
    Join Date
    Jul 2004
    Location
    Florida
    Age
    20
    Posts
    11,028
    Nothing is perfect. Go Microsoft!
    _________________________________________________________________________________________
    Last edited by Alien5; Jun 6th, 2006 at
    06:36 PM..

  3. News (Archive)   -   #3
    DISABLED PRIVS
    Join Date
    Oct 2006
    Posts
    35
    wow!!!!

  4. News (Archive)   -   #4
    tesco's Avatar woowoo
    Join Date
    Aug 2003
    Location
    Canadia
    Posts
    24,069
    Microsoft Corp. announced Thursday that it will release six security updates next week, including at least one to fix a vulnerability that attackers are already actively exploiting.
    Wow people are already exploiting it and microsoft is waiting until next week to release...

  5. News (Archive)   -   #5
    Retired
    Join Date
    Feb 2003
    Posts
    14,058
    Still waiting for IE7 and WMP11 (Dutch)

  6. News (Archive)   -   #6
    frizshizzle's Avatar now paranoid. BT Rep: +1
    Join Date
    Aug 2006
    Location
    good ol' England
    Posts
    228
    I mean hackers can have up to a month to exploit these holes. Microsoft are soooooo slow.

  7. News (Archive)   -   #7
    Retired
    Join Date
    Feb 2003
    Posts
    14,058
    Quote Originally Posted by havingfun View Post
    I mean hackers can have up to a month to exploit these holes. Microsoft are soooooo slow.
    there not slow. They have to check if the patch works 100% and patching once a month is easier for businesses.
    I've read somewhere that Microsoft is faster then any/most other OS when it comes to fixing security flaws.

  8. News (Archive)   -   #8
    4play's Avatar knob jockey
    Join Date
    Jan 2003
    Location
    London
    Age
    35
    Posts
    5,530
    Quote Originally Posted by {I}{K}{E} View Post
    there not slow. They have to check if the patch works 100% and patching once a month is easier for businesses.
    I've read somewhere that Microsoft is faster then any/most other OS when it comes to fixing security flaws.
    agree with you on the first 2 points. It really is a large operating system and a small change to fix a security hole may break something so testing is needed.

    having patch tuesday is great for businesses they can easily sort out testing and installing of patches on a regular basis. This does cause a massive problem where malware writers and crackers are starting to release their wares straight after patch tuesday to maximise the time they have. Microsoft seemed very reluctant to break the patch tuesday cycle even when there was a critical whole in internet explorer actively being exploited.

    I really dont think microsoft are at all quick in releasing fixes compaired to open source competition i would love to read the article that claimed that.

  9. News (Archive)   -   #9
    f@flot's Avatar Poster BT Rep: +25BT Rep +25BT Rep +25BT Rep +25BT Rep +25
    Join Date
    Nov 2006
    Posts
    713
    finally

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •