Top 5 Stories


IT administrators give thanks for light Patch Tuesday

07 November 2011

Microsoft is giving IT administrators a break for Thanksgiving, with only four security bulletins for this month’s Patch Tuesday.

Only one of the bulletins is rated critical by Microsoft, which addresses a flaw that could result in remote code execution attacks for the newer operating systems – Windows Vista, Windows 7, and Windows 2008 Server R2.

The critical bulletin has an exploitability rating of 3, suggesting that it is not likely this patch will be used, commented Paul Henry, a security and forensic analyst at Lumension. All four patches will impact Windows platforms and will require a reboot, Henry added.

One of the important bulletins also fixes a flaw that could result in remote code execution. The other important bulletin plugs an elevation of privilege flaw, and the moderate bulletin plugs a hole that could result in denial of service attacks.

“November looks like it’s going to be an the upside down month for Microsoft. Of the four bulletins to be posted... only one affects XP and 2003. In a flip-flop from normal patches, the majority of the bulletins affect newer operating systems”, said Andrew Storms, director of security operations at nCircle.

Wolfgang Kandek, chief technology officer at Qualys, also found it curious that the patches are for the newer operating systems. “Interestingly the majority of bulletins only apply to these newer versions of Windows, and XP and 2003 users are only affected by bulletin three, which is rated important….Overall, this is a Patch Tuesday that will give a break to many IT administrators.”

This article is featured in:
Application Security  •  Internet and Network Security  •  Malware and Hardware Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×