Software // Operating Systems
02:38 PM
Connect Directly

Microsoft Plans Four 'Critical' Security Bulletins Next Week

The four bulletins are titled "Windows Media Player Bulletin," "Windows Bulletin," "Windows Media Encoder Bulletin," and "Office Bulletin."

Microsoft plans to release four security fixes next week as part of its regularly scheduled patch day, which this month falls on Tuesday, September 9.

All four of the Security Bulletins are designated 'critical' because they involve the possibility of remote code execution.

The four bulletins are titled "Windows Media Player Bulletin," "Windows Bulletin," "Windows Media Encoder Bulletin," and "Office Bulletin."

Though there are only four bulletins, far fewer than the 11 released last month, the September patch cycle won't be a cakewalk. The "Windows Bulletin" covers many vulnerabilities in different software components.

Two of the bulletins are related to Windows Media software, Media Player 11 and the Media Encoder. Media files have become a common attack vector because it's generally easier to trick someone into opening a malicious Paris Hilton video than, say, a malicious Paris Hilton Visio file.

Next month, Microsoft plans to begin providing additional information to business professionals and security vendors to help make security patches easier to understand and to prioritize.

Starting with its October patch cycle, Microsoft will rate the likelihood that vulnerabilities will be exploited using the Microsoft Exploitability Index. Vulnerabilities will be rated using one of three designations: Consistent Exploit Code Likely, Inconsistent Exploit Code Likely, and Functioning Exploit Code Unlikely. The aim is to help IT professionals figure out which patches should be applied immediately.

Microsoft will also begin providing security information to large third-party security companies in advance of official publication through the Microsoft Active Protections Program.

The two new programs are part of Microsoft's six-year-old Trustworthy Computing initiative.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of August 14, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.