Just 3 Microsoft Security Updates On Tap Next Week
The next round of Microsoft security updates is considerably smaller than the last.
Microsoft will ratchet back the number of security updates it releases next week from August's record-tying 12 to just 3 for September, the company told customers Thursday.
In the advance notification posted on its Web site, Microsoft said it would release 2 updates for Windows and 1 for Office, the company's industry-leading application suite. Only the Office update will be pegged as "critical," Microsoft's highest warning rank.
The Redmond, Wash. developer also plans to roll out multiple non-security updates classified as "high priority" to users via Microsoft Update, Windows Update, Software Update Services (SUS), and Windows Server Update Services (WSUS).
According to eEye Digital Security, Windows 2000 also sports an unpatched bug that "when exploited allows for remote code execution in SYSTEM context allowing an attacker to take complete control of affected systems."
It would be unlikely, however, that one of the two fixes for Windows would address eEye's bug, since the latter has categorized the flaw as "High" in severity; Microsoft said that the most dire label for the Windows updates will be "Important," which places second in a four-step ranking.
Another security vendor, Internet Security Systems (ISS) has a Windows vulnerability open in its database; by ISS's account, the bug produces a denial-of-service -- in other words a computer crash -- rather than allow an attacker hijack. The bug affects several versions of Windows, including fully-patched Windows XP SP2, Windows Server 2003, and Windows 2000 machines.
September's updates will be available for manual download from the Microsoft Web site on Tuesday, Sept. 12, around 10 a.m. PDT.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.