Topics:
Security
October's Scary Patch Tuesday
There are eight bulletins that are critical, to be exact. Microsoft's advanced notification is available here. Tuesday will also be the first time Microsoft included Windows 7 in the monthly patch cycle, with five bulletins affecting the new operating system set for general availability later this month. If you are a Windows user, it will be tough to dodge the patch bullet. Operating systems being patched include Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server R2 2008. Microsoft's Office suites: Microsoft Office XP, Microsoft Office 2003, and 2007 Microsoft Office System. Add Visio, office Project, and many office viewers as well. Microsoft SQL server is also getting a fix, as will the company's Forefront security client. If that's not enough patching for you come Tuesday, Adobe is serving updates of its own. Yesterday, Adobe gave a heads up that Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh will be patched. These flaws are already, in limited numbers, being leveraged in a small number of attacks: Among other issues, this update will resolve a critical vulnerability in Adobe Reader and Acrobat 9.1.3 and earlier (CVE-2009-3459) on Windows, Macintosh and UNIX. There are reports that this issue is being exploited in the wild in limited targeted attacks; the exploit targets Adobe Reader and Acrobat 9.1.3 on Windows. Adobe Reader and Acrobat 9.1.3 customers with DEP enabled on Windows Vista are protected from this exploit. Disabling JavaScript also mitigates against this specific exploit, although a variant that does not rely on JavaScript could be possible. In the meantime, Adobe is also in contact with Antivirus and Security vendors regarding the issue and recommends users keep their anti-virus definitions up to date.
My mobile security and business observations can be found on Twitter @georgevhulme. « Open Three Ways, Or More | Main | Bean, A Free Mac Word Processor That Does Less » |
| Sign Up Now For InformationWeek News Alerts |
This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
