Light patch load to start year from Microsoft

Share this article:
IT administrators are expected to have just one security update to deal with on Tuesday, when Microsoft delivers its monthly round of fixes.

The single patch addresses at least one vulnerability in Windows, according to the company's advance notification bulletin. The patch takes on a "critical" rating for all supported Windows versions, except Vista and Server 2008, where it carries a "moderate" designation.

"This tells us [the flaw] is in the older code base," Wolfgang Kandek, CTO of vulnerability management firm Qualys, told SCMagazineUS.com on Thursday.

He said IT staffs will appreciate the light load -- especially after a December mammoth update that dropped eight fixes for 28 vulnerabilities -- but he was surprised next week's update will not include a fix for the recently announced flaw in SQL server.

"I would've expected them to come out with something there," he said.

Microsoft did include workarounds in its SQL Server Security Advisory.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Ground system for weather satellites contains thousands of 'high-risk' bugs

Ground system for weather satellites contains thousands of ...

An audit of the Joint Polar Satellite System ground system revealed thousands of vulnerabilities, most of which will be addressed in two years when the next version of the system ...

Threat report on Swedish firms shows 93 percent were breached

The study by KPMG and FireEye also found that 49 percent of detected malware was unknown.

Former acting HHS cyber director convicted on child porn charges

Former acting HHS cyber director convicted on child ...

Timothy DeFoggi, who was nabbed by the FBI last year in its Operation Torpedo investigation was convicted by federal jury in Nebraska.