3/2/2023 0 Comments Microsoft gigantic downloadFollow Gregg on Twitter at, or subscribe to Gregg's RSS feed. Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Microsoft will release the 10 updates at approximately 1 p.m. Tuesday's updates will be the second-to-last for Windows 2000 and Windows XP Service Pack 2 (SP2), both which will be retired from security support in mid-July. "It's critical, and should be patched as fast as Internet Explorer next week." "That tells me it's something on the client side," said Storms. The server-side operating systems, however, were ranked as "moderate." NCircle's Storms said another update to watch is the one Microsoft identified today only as Bulletin 3 the update will affect all versions of Windows, but was rated critical for Windows 2000, XP, Vista and Windows 7. The zero-day bug could be used by attackers to steal companies' confidential information. Microsoft will also patch a problem in SharePoint Server 2007 that it publicized in April. That fix will presumably be one of several included in the IE update. The oldest warning was issued in February, and noted that hackers could exploit IE on Windows XP to read every file on a victim's PC. Other updates will close out a pair of flaws that Microsoft confirmed in two earlier security advisories. Excel 2010, the spreadsheet included in the just-released-to-businesses Office 2010 suite, does not contain the bug and will not need a patch, confirmed Jerry Bryant, a general manager with the Microsoft Security Response Center (MSRC), in an e-mail today. That update, however, had been meant to ship in April.Īnother update will patch one or more vulnerabilities in Excel 2002, 20 on Windows, and Excel 20 on the Mac. Microsoft has gotten into the habit of patching its browser every other month it last updated IE in late March when it rushed out an emergency fix for a zero-day bug. "The IE update will be at the top of the list next week," bet Storms. However, the oldest still-supported version of the browser - IE 5.01 on Windows 2000 - is not affected by the flaw(s). The IE update applies to IE6, IE7 and IE8, and was ranked critical for all three versions for Windows XP, Windows Vista and Windows 7. "There's no safe harbor this month," said Storms. And with one exception - Windows 2000 and Windows XP will not need Bulletin 9 - all currently-supported versions of Windows will require all the patches. Two of the three critical updates will address issues in Windows, while the third will tackle Internet Explorer (IE).Īll six updates affecting Windows will impact Microsoft's newest operating system, Windows 7. The seven remaining patches have been pegged as "important," the next step down from critical. Of the 10 updates, Microsoft labeled three as "critical," the highest threat ranking in the company's four-step system. The monthly advance notification spelled out the patches expected to appear next Tuesday. April's collection, meanwhile, amounted to 11 bulletins that fixed 25 flaws. In May, for example, the company issued just two bulletins that patched two vulnerabilities. Microsoft has been shipping alternating large and small batches of fixes, with the larger-sized updates landing in even-numbered months. Although the 10 updates fall short of the record of 13 - first set in October 2009, then repeated in February 2010 - Microsoft will fix a total of 34 vulnerabilities, the same number as the current record, also set last October. By the numbers, however, next week's updates will be huge.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |