Five bulletins planned for post-ANI fix Patch Tuesday

Share this article:

On the heels of Tuesday's early fix for the ANI flaw and other Graphics Device Interface vulnerabilities, Microsoft announced today that it will distribute five security bulletins next Tuesday.

The highest severity rating for any of these flaws is "critical," according to Microsoft.

Four of the fixes will affect Windows, while the other will patch Microsoft Content Manager Server.

Microsoft will also release six non-security high priority updates as part of its regularly scheduled Patch Tuesday distribution.

Security researchers haven’t rested much since late last month when attacks on the Windows ANI flaw began.

Despite Tuesday’s early distribution, exploits continued to attack unpatched PCs this week, using pictures of Britney Spears and other lures as malware bait.

A number of sites containing iFrames, which permit the embedding of HTML documents inside a main document, are contributing to the spread of exploits, according to researchers.

The SANS Internet Storm Center and other research organizations have also reported problems with the Realtek HD Audio Control Panel after installation of the early patch.

Alexander Sotirov, researcher at Determina, the firm that first reported the flaw to Microsoft last year, said this week that Windows PCs with Firefox are also vulnerable to the flaw.

In the wake of the early release, a number of security researchers questioned whether Microsoft should change its patch release process.

Click here to email Frank Washkuch Jr.

 

 

Looking for a new job? SCMagazine.com has the latest IT security employment opportunities. Click here for our jobs page.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.