Microsoft Plans 12 Security Fixes For Aug. 12 'Patch Tuesday' - InformationWeek
Software // Operating Systems
03:18 PM
Connect Directly
Building Security for the IoT
Nov 09, 2017
In this webcast, experts discuss the most effective approaches to securing Internet-enabled system ...Read More>>

Microsoft Plans 12 Security Fixes For Aug. 12 'Patch Tuesday'

The company's upcoming Security Bulletin is scheduled to include seven fixes rated "critical" and five rated "important."

Microsoft on Thursday said that it will release 12 security updates Aug. 12 as part of its regularly scheduled patch day.

The company's upcoming Security Bulletin is scheduled to include seven fixes rated "critical" and five rated "important."

The affected software with "critical" vulnerabilities includes Windows, Internet Explorer, Media Player, Access, Excel, PowerPoint, and Office. Programs with "important" vulnerabilities include Windows, Outlook Express, Messenger, and Office.

In a prepared statement sent via e-mail, Don Leatham, director of solutions and strategy at Lumension Security, said that Microsoft's August patch will keep IT departments busier than they were handling its July patch.

Leatham urged IT teams to make sure they have determined whether they need to update Windows Server Update Services, as per Microsoft's recent advisory. And he said that IT teams that have not yet deployed Microsoft's DNS update should make that a priority, given the existence of public exploit code.

At the Black Hat conference this week, Microsoft announced several initiatives aimed at improving communication channels among Microsoft, third-party security vendors, and its business customers. These include the Microsoft Vulnerability Research program, which formalizes how Microsoft reveals vulnerabilities its researchers find in third-party software; the Exploitability Index, an assessment of the likelihood that exploit code will become available following the issuance of Security Bulletins; and the Microsoft Active Protections Program, a plan to share vulnerability information about Microsoft products with third-party vendors before that information is released to the public.

In a recent interview with InformationWeek, Mike Reavey, security program manager for Microsoft Security Response Center, said that data from Microsoft's malicious software removal tool indicates that Windows Vista machines have 60% less malware than PCs running Windows XP.

Even so, Microsoft may not want to crow too much about Windows Vista. Researchers at the Black Hat conference this week presented ways to bypass several Vista security mechanisms.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll