HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 3 MINUTES AGO.
You are here: Home / Windows Security / July Fireworks for Patch Tuesday
Build Apps 5x Faster
For Half the Cost Enterprise Cloud Computing
On Force.com
Patch Tuesday Continues July Fireworks for IT Admins
Patch Tuesday Continues July Fireworks for IT Admins
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JULY
06
2012
Microsoft just announced the bugs it plans to patch on Tuesday. In all, Redmond will fix nine issues. Three of those vulnerabilities are rated "critical," which means they could allow hackers to launch remote code executions. The others vulnerabilities are rated "important."

The July release includes nine bulletins addressing 16 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, and Visual Basic for Applications," said Angela Gunn of Microsoft's Trustworthy Computing Group. "As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible."

Across the Microsoft Board

Paul Henry, a security and forensic analyst at Lumension, said it looked like IT administrators would have to deal with more fireworks this month.

That, he said, is because nine patches is more than double last year's July patches: 4 total, with only 1 critical. According to his research, this puts Microsoft at 51 bulletins for 2012, about on par with 2011, which saw 56 bulletins at this time last year.

"Looking at the bulletins, one of the first things that jumps out is that these really impact the entire family of products, from XP all the way to 2008," Henry told us. "This is really a weird mix of patches, impacting both legacy and current generation software with critical issues."

Henry noted that it remains unclear if Microsoft will issue a patch this month for the XML Core Services issue that is currently being actively exploited in IE attacks. Microsoft normally includes details in its pre-release information if a zero-day patch is included, he explained.

However, in the July pre-release, Microsoft didn't call this out. Microsoft issued a FixIt tool to address the XML Core Services zero-day vulnerability and that may remain the only solution for IT admins in July.

New OSes on Horizon

Beyond July's Patch Tuesday, Henry is looking forward to the next set of potential targets: new operating systems from both Apple and Microsoft. Apple will soon release Mountain Lion and Microsoft is readying Windows 8. Although the full impact on IT remains to be seen, Henry said you can get a jump start by reading about some of the security features for both.

"Mountain Lion is a definite step forward for Apple security, with several new features to make it easier for IT to secure these machines. White-listing, sandboxed applications and daily updates go a long way in securing these products," Henry said.

"Windows 8 will also feature white listing and sandboxed apps, as well as a continuously running security system that starts protecting machines before the operating system is even fully booted."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
UCS Invicta: Integrated Flash Why wait for the future? Unlock the potential of your applications and create new business opportunities today with UCS Invicta Series Solid State Systems. Take advantage of the power of flash technology. See how it can help accelerate IT, eliminate data center bottlenecks, and deliver the peak application performance and predictability your users demand. Click here to learn more.
MORE IN WINDOWS SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.