Software // Operating Systems
News
8/8/2008
03:18 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Microsoft Plans 12 Security Fixes For Aug. 12 'Patch Tuesday'

The company's upcoming Security Bulletin is scheduled to include seven fixes rated "critical" and five rated "important."

Microsoft on Thursday said that it will release 12 security updates Aug. 12 as part of its regularly scheduled patch day.

The company's upcoming Security Bulletin is scheduled to include seven fixes rated "critical" and five rated "important."

The affected software with "critical" vulnerabilities includes Windows, Internet Explorer, Media Player, Access, Excel, PowerPoint, and Office. Programs with "important" vulnerabilities include Windows, Outlook Express, Messenger, and Office.

In a prepared statement sent via e-mail, Don Leatham, director of solutions and strategy at Lumension Security, said that Microsoft's August patch will keep IT departments busier than they were handling its July patch.

Leatham urged IT teams to make sure they have determined whether they need to update Windows Server Update Services, as per Microsoft's recent advisory. And he said that IT teams that have not yet deployed Microsoft's DNS update should make that a priority, given the existence of public exploit code.

At the Black Hat conference this week, Microsoft announced several initiatives aimed at improving communication channels among Microsoft, third-party security vendors, and its business customers. These include the Microsoft Vulnerability Research program, which formalizes how Microsoft reveals vulnerabilities its researchers find in third-party software; the Exploitability Index, an assessment of the likelihood that exploit code will become available following the issuance of Security Bulletins; and the Microsoft Active Protections Program, a plan to share vulnerability information about Microsoft products with third-party vendors before that information is released to the public.

In a recent interview with InformationWeek, Mike Reavey, security program manager for Microsoft Security Response Center, said that data from Microsoft's malicious software removal tool indicates that Windows Vista machines have 60% less malware than PCs running Windows XP.

Even so, Microsoft may not want to crow too much about Windows Vista. Researchers at the Black Hat conference this week presented ways to bypass several Vista security mechanisms.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.