Microsoft set to deliver 11 patches next week

Share this article:
Microsoft said Thursday it plans to release 11 patches next week, including four to address "critical" vulnerabilities that could be remotely exploited to execute malicious code.

The critical fixes address flaws in Windows, Internet Explorer, Host Integration Server and Excel, according to Microsoft's advance notification document.

Six bulletins are labeled "important" and affect issues in Windows. Microsoft also has scheduled one "moderate" patch to fix bugs in Office.

The security update matches the number of fixes in August. September saw only four patches.

Along with the patches, next week Microsoft plans to release its monthly updated version of the Windows Malicious Software Removal Tool.

This month also marks the unveiling of two initiatives aimed at helping end-users patch more effectively: the Microsoft Active Protections Program (MAPP) and the Exploitability Index.

Under the former, Microsoft will share vulnerability details with approved software security providers prior to the monthly fixes being released. This will allow security firms to immediately protect their customers once the patches are delivered.

The Exploitability Index tool will be included with security updates to enable users to measure the likelihood of the flaw in question being exploited. Each vulnerability will be placed into one of the three categories, depending on whether "consistent" exploit code is likely, whether "inconsistent" exploit code is likely or whether exploit code is unlikely.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.