January 03, 2013

Microsoft to open year with seven patches

Microsoft is set to kick off the New Year with seven patches, two rated "critical," to amend 12 vulnerabilities present in Windows, Office, Developer Tools, .NET Framework and server software.

It does not appear that a zero-day vulnerability in Internet Explorer, which has been used to spread malware on a limited number of targeted websites, will be fixed. Of those that will, the most pressing bulletins to address are the two critical ones, according to researchers.

One involves an issue with Server Core, an installation option for PCs running Windows Sever 2008.

"This is where I would prioritize patching efforts because this is potentially a wormable bug, and since Server Core is affected, it could apply to a very common service," Ross Barrett, senior manager of security engineering at Rapid7, a vulnerability management company, said in prepared comments.

The patches are set to be released approximately 1 p.m. EST on Tuesday.

Related Articles
Related Topics

More in News

Google hackers wanted to know which Chinese intel operatives were being watched

Attackers who raided Google in 2010 to learn information about Chinese human rights activists were also trying to gain insight on which Chinese intelligence agents were on the radar of U.S. authorities, according to a report.

California law would require breach notice if online account information is stolen

The new legislation would amend the definition of "personal information" under the state's breach notification law.

Liable to attack: Cyber insurance can help organizations cover the cost of breaches

Liable to attack: Cyber insurance can help organizations ...

Everyone is familiar with health, flood, car and life insurance, but what happens when the digital equivalent of a disaster strikes? Some entities may want this peace of mind, but ...