Microsoft Plans 12 Security Fixes For Aug. 12 'Patch Tuesday' - InformationWeek
Software // Operating Systems
03:18 PM
Connect Directly
Moving UEBA Beyond the Ground Floor
Sep 20, 2017
This webinar will provide the details you need about UEBA so you can make the decisions on how bes ...Read More>>

Microsoft Plans 12 Security Fixes For Aug. 12 'Patch Tuesday'

The company's upcoming Security Bulletin is scheduled to include seven fixes rated "critical" and five rated "important."

Microsoft on Thursday said that it will release 12 security updates Aug. 12 as part of its regularly scheduled patch day.

The company's upcoming Security Bulletin is scheduled to include seven fixes rated "critical" and five rated "important."

The affected software with "critical" vulnerabilities includes Windows, Internet Explorer, Media Player, Access, Excel, PowerPoint, and Office. Programs with "important" vulnerabilities include Windows, Outlook Express, Messenger, and Office.

In a prepared statement sent via e-mail, Don Leatham, director of solutions and strategy at Lumension Security, said that Microsoft's August patch will keep IT departments busier than they were handling its July patch.

Leatham urged IT teams to make sure they have determined whether they need to update Windows Server Update Services, as per Microsoft's recent advisory. And he said that IT teams that have not yet deployed Microsoft's DNS update should make that a priority, given the existence of public exploit code.

At the Black Hat conference this week, Microsoft announced several initiatives aimed at improving communication channels among Microsoft, third-party security vendors, and its business customers. These include the Microsoft Vulnerability Research program, which formalizes how Microsoft reveals vulnerabilities its researchers find in third-party software; the Exploitability Index, an assessment of the likelihood that exploit code will become available following the issuance of Security Bulletins; and the Microsoft Active Protections Program, a plan to share vulnerability information about Microsoft products with third-party vendors before that information is released to the public.

In a recent interview with InformationWeek, Mike Reavey, security program manager for Microsoft Security Response Center, said that data from Microsoft's malicious software removal tool indicates that Windows Vista machines have 60% less malware than PCs running Windows XP.

Even so, Microsoft may not want to crow too much about Windows Vista. Researchers at the Black Hat conference this week presented ways to bypass several Vista security mechanisms.

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll