News & Information for Technology Purchasers
NewsFactor Network Sites:   NewsFactor.com Security CRM Business Sci-Tech Newsletters XML/RSS Feed  
   
Home Enterprise I.T. Hardware Software Communications More Topics...
Microsoft/Windows
Average Rating:
Rate this article:  
Critical Patch Tuesday Pains I.T. Admins Critical Patch Tuesday Pains I.T. Admins
By Jennifer LeClaire
August 14, 2007 8:44AM

    Bookmark and Share
One source of pain for I.T. admins dealing with Microsoft's August Patch Tuesday set of updates is that all six critical patches require system reboots. Along with two of the important patches, the critical patches all address bugs that, if exploited, could allow remote code execution, giving hackers the ability to take over a machine.
 

Related Topics

Microsoft
Windows
Office
Patch
Vulnerability
Bugs
Updates

Latest News

Macworld Focuses on Mobile Apps
MS: Windows 7 Doesn't Hurt Battery
Nexus One 'Support' Passes the Buck
MS: Russian Pirates Scamming Us
Super Bowl Ads Go for Laughs, Heart


Patch Tuesday is upon I.T. admins once again, but this month's update has headache written all over it, according to security analysts. Microsoft Relevant Products/Services is issuing nine patches, six of them rated "critical" and three rated "important." The patches will plug holes in Windows Relevant Products/Services, Office, Internet Explorer, Windows Media Player, and Virtual PC.

Although this is not Microsoft's biggest Patch Tuesday in terms of number of updates, the details of the patches indicate a broad spectrum of exposure, according to Paul Zimski, senior director of Market and Product Strategy for PatchLink.

"This is a target-rich environment for hackers," Zimski said. "Organizations need to remediate these vulnerabilities as quickly as possible to avoid falling victim to quick turnaround exploits."

Hacker Heaven

One source of pain for I.T. admins is that all six critical patches require system Relevant Products/Services reboots. Along with two of the important patches, the critical patches all address vulnerabilities that, if exploited, could allow remote code execution, giving hackers the ability to take over a machine.

"This creates a nightmare scenario, and is not far off from complete administrator access -- the favorite attack vector," Zimksi said.

One of the six critical patches not only affects Microsoft Office running on several flavors of Windows, but also affects Office 2004 for Mac. This type of vulnerability is part of an alarming trend, according to Zimski.

"There is an increasing number of attacks occurring at the application layer, illustrating the need for a cross-platform vulnerability management strategy," Zimski said. "Only paying attention to Microsoft -- no matter how serious this round of patches may be -- does not promote a secure foundation," he added. "Organizations must be vigilant across all their applications and operating systems."

Mislabeled Vulnerabilities?

Some security researchers are insisting that at least one of the patches Microsoft has labeled "important" should be treated as critical. The patch in question is for Windows Media Player.

"This is only given a rating of 'important' because it requires some form of user interaction Relevant Products/Services, but many users browsing the Internet are viewing media. Even if an organization blocks certain Web sites or active content, they typically don't block streaming media, which could easily trick users into compromise if this vulnerability is exploited," Zimski said.

As part of the patch rollout, Microsoft is releasing an updated version of the Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. Microsoft is also releasing other nonsecurity, high-priority updates on Microsoft Update and Windows Server Update Services.
 

Tell Us What You Think
Your Comment:

Also Visit:


Advertisement


 Microsoft/Windows
1.   MS: Windows 7 Doesn't Hurt Battery
2.   Tips for More Windows 7 Productivity
3.   MS: Russian Pirates Scamming Us
4.   Patch Tuesday Will Tie MS Record
5.   Battery Drains Linked To Windows 7


advertisement
Tips for More Windows 7 ProductivityTips for More Windows 7 Productivity
Win 7 is chock-full of unsung features.
Average Rating:
Is Bill Gates Batting for Team China?Is Bill Gates Batting for Team China?
He implies Google is overreacting.
Average Rating:
Rush IE Patch Coming Says MicrosoftRush IE Patch Coming Says Microsoft
Exploit testing tools are being updated.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

CRM Systems

  Experience CRM—and Business—Success today with Salesforce.com.

Data Storage

  AT&T Synaptic Storage as a Service. Learn more.

Enterprise Hardware

  Trade in your old printer and save up to $400.
  Find out why now is the best time to buy a new APC Smart-UPS!
  HP ProLiant G6 Servers. Perform like a superstar, Save like an accountant.

Enterprise I.T.

  Tell us what you think. Take a survey.
  AT&T Synaptic Storage as a Service. Learn more.
  Find out why now is the best time to buy a new APC Smart-UPS!
  Stand out from other IS Professionals and increase your earning potential.

Enterprise Software

  Read the Top 10 Reasons to Upgrade to Windows Server 2008 R2.

Microsoft/Windows

  Read the Top 10 Reasons to Upgrade to Windows Server 2008 R2.

Enterprise Hardware Spotlight
Microsoft Says Battery Woes Not Caused By Windows 7
Battery problems on Windows 7 machines are not caused by the operating system. That's the position of Stephen Sinofsky, head of the Windows division, in a long posting on the Windows engineering blog.
 
IBM's New POWER7 Servers Save Energy with Big Loads
IBM has unveiled high-capacity servers that are the first to be based on its new, multi-core POWER7 chip. It said the new line is designed "to manage the most demanding emerging applications."
 
'Dead Simple, Dirt Cheap' JooJoo Tablet Shipping Soon
The JooJoo, a web-browsing tablet device that is the subject of a high-profile legal dispute, appears on track to reach buyers at the end of February, but the tablet scene has dramatically changed.
 

Enterprise Technology Spotlight
Google May Add Facebook, Twitter Links to Gmail
Google will reportedly roll more social-networking features into Gmail, the fastest-growing e-mail service. The new features could save users the trouble of switching to Facebook or Twitter.
 
IBM's New POWER7 Servers Save Energy with Big Loads
IBM has unveiled high-capacity servers that are the first to be based on its new, multi-core POWER7 chip. It said the new line is designed "to manage the most demanding emerging applications."
 
IBM Opens Eco-Friendly, Cloud-Focused Data Center
IBM has opened its latest data center in North Carolina. Big Blue said the $362 million facility in Research Triangle Park is designed to support cloud computing and other new computing models.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Hardware | Software | Communications | Network Security | Wireless Tech | Linux/Open Source
Apple/Macintosh | Microsoft/Windows | World Wide Web | Data Storage | E-Commerce | Personal Tech | Tech Trends | Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | Free Whitepapers | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2010 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo.