On September 14th, Microsoft will release nine security-related updates to fix 13 bugs in Windows, Office and Web server software. Four updates are labeled “critical”, which is Microsoft’s highest threat level, and an additional five are labeled “important”, the second-highest level.
The batch is twice the size of a typical release for the odd-numbered months, such as September, which usually bring a smaller set of fixes.
Some experts had speculated that the patch targets the DLL (dynamic-link library) vulnerabilities identified three weeks ago by HD Moore, chief security officer at Rapid7. Some of the vulnerabilities are tied to Microsoft’s Office suite, including PowerPoint 2007 and 2010 and Word 2007, which can be subject to “DLL load hijacking”. "I don't think it's likely that they'll have something [in Windows] on the DLL problem," stated Wolfgang Kandek, chief security officer of Qualys. "I'd like to see it, but it's a tough decision for them because that has the potential of making apps stop working."
Don Leatham, senior director of solutions and strategy at Lumension, pointed out that the update mix focuses on older versions of Windows. "These results show that organizations running Windows 7 are running much more secure environments, and as an added benefit, this Patch Tuesday will practically be a non-event for them," Leatham said in a recent email. "Organizations stuck on Windows XP need to take a hard look at the cost and risk factors associated with staying on that dated platform."
Related Link:
http://www.computerworld.com/s/article/9184372/Microsoft_plans_double_sized_Patch_Tuesday_next_week