Microsoft Plans 12 Security Fixes For Aug. 12 'Patch Tuesday' - InformationWeek
Software // Operating Systems
03:18 PM
Connect Directly

Microsoft Plans 12 Security Fixes For Aug. 12 'Patch Tuesday'

The company's upcoming Security Bulletin is scheduled to include seven fixes rated "critical" and five rated "important."

Microsoft on Thursday said that it will release 12 security updates Aug. 12 as part of its regularly scheduled patch day.

The company's upcoming Security Bulletin is scheduled to include seven fixes rated "critical" and five rated "important."

The affected software with "critical" vulnerabilities includes Windows, Internet Explorer, Media Player, Access, Excel, PowerPoint, and Office. Programs with "important" vulnerabilities include Windows, Outlook Express, Messenger, and Office.

In a prepared statement sent via e-mail, Don Leatham, director of solutions and strategy at Lumension Security, said that Microsoft's August patch will keep IT departments busier than they were handling its July patch.

Leatham urged IT teams to make sure they have determined whether they need to update Windows Server Update Services, as per Microsoft's recent advisory. And he said that IT teams that have not yet deployed Microsoft's DNS update should make that a priority, given the existence of public exploit code.

At the Black Hat conference this week, Microsoft announced several initiatives aimed at improving communication channels among Microsoft, third-party security vendors, and its business customers. These include the Microsoft Vulnerability Research program, which formalizes how Microsoft reveals vulnerabilities its researchers find in third-party software; the Exploitability Index, an assessment of the likelihood that exploit code will become available following the issuance of Security Bulletins; and the Microsoft Active Protections Program, a plan to share vulnerability information about Microsoft products with third-party vendors before that information is released to the public.

In a recent interview with InformationWeek, Mike Reavey, security program manager for Microsoft Security Response Center, said that data from Microsoft's malicious software removal tool indicates that Windows Vista machines have 60% less malware than PCs running Windows XP.

Even so, Microsoft may not want to crow too much about Windows Vista. Researchers at the Black Hat conference this week presented ways to bypass several Vista security mechanisms.

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll