Members
Stats
  • Total Posts: 28531
  • Total Topics: 8240
  • Online Today: 963
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Microsoft: "Only" Two Critical Patches Coming Tuesday  (Read 1300 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Microsoft is planning to deliver a pair of "critical" patches next week during its monthly "Patch Tuesday" event. The two pending patches are meant to fix critical security holes in several versions of Windows, as well as in Visual Basic for Applications.

However, neither of them will fix a zero-day vulnerability in Microsoft's (NASDAQ: MSFT) SharePoint Server 2007 and SharePoint Services 3 that the company warned customers about last week.

"Concerning the recent Security Advisory for SharePoint: http://www.microsoft.com/technet/security/advisory/983438.mspx , we will not be releasing an update for that with the May bulletins. Our teams are still working on an update for that issue," Jerry Bryant, group manager for response communications in the Microsoft Security Response Center (MSRC), said in a blog post Thursday: http://blogs.technet.com/msrc/archive/2010/05/06/advance-notification-for-the-may-2010-security-bulletin-release.aspx

Microsoft typically sends out an advance notification e-mail the Thursday prior to what's known as "Patch Tuesday" -- the second Tuesday of each month when the company releases most of its patches for that month -- in order to let IT professionals know what fixes are in store. However, the SharePoint security flaw may prompt the company to go outside of the Patch Tuesday cycle in order to fix SharePoint.

"It seems likely that we can ... expect an out-of-band patch this month for SharePoint given the critical nature of the cross-site scripting vulnerability, which threatens sensitive corporate information housed on the enterprise content management system," Paul Henry, security and forensic analyst for security firm Lumension, said in an e-mail to InternetNews.com.

Last month, Microsoft released five patches that were rated as critical, the highest level in the company's four-tier severity rating scale.

Among those was a patch for a zero-day vulnerability that Microsoft had warned customers about in early March that could let a malicious hacker penetrate users' systems by getting the Windows help system to execute rogue VBScript code.

Neither of the patches coming this month affect Windows 7.

Microsoft will release its May batch of security patches on Tuesday, May 11: http://www.microsoft.com/technet/security/current.aspx

(eSP)

Samker's Computer Forum - SCforum.info





basant.ece

  • SCF Member
  • **
  • Posts: 59
  • KARMA: 7
Re: Microsoft: "Only" Two Critical Patches Coming Tuesday
« Reply #1 on: 07. May 2010., 21:14:12 »
hey i want to know wethere it is security related aur solve some compatiblity issue of windows 7....

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising