Microsoft on Thursday offered its monthly advance warning for Patch Tuesday. After a backbreaker in April, Microsoft will only issue two security bulletins on May 10.
One of the bulletins is rated critical. This flaw affects Microsoft Windows Server 2003 and 2008 only. The second bulletin is rated important, and affects Microsoft Office XP, 2007, 2003 and 2004 for Mac.
“As it happened before on several occasions, users of the new versions of Office for both Windows and Mac OS X are not affected by the vulnerabilities,” said Wolfgang Kandek, CTO of Qualys. “However, as both bulletins are for remote-code-execution vulnerabilities, IT administrators should track them closely and address quickly.”
Layering Security
Last month, patches rained as Microsoft released 17 security bulletins that addressed a total of 64 vulnerabilities. This month, flowers are blooming with only two patches, quipped Paul Henry, security and forensics analyst for Lumension.
“However, there will still be some disruption from these bulletins on Patch Tuesday,” he added. “Both provide for remote code execution and may even require a restart.”
Henry noted that recent breaches saw user credentials being distributed over the Internet, making passwords ineffective. In addition to protecting passwords, he said, IT admins need to make certain other layered security measures are in place to prevent unauthorized people from downloading and running malicious software in the environment. He stressed that no one is immune to attack.
“While the light patch load for May will be disruptive, it isn’t out of the ordinary. What we do need to worry about is that in light of recent mega-breaches, we are obviously not getting it right when it comes to protecting ourselves,” Henry said. “People need to reevaluate their security infrastructure, and perhaps even their priorities.”
Exploitability Index Changes
Microsoft on Thursday also announced changes to its Exploitability Index, which assesses the likelihood of functional…
Leave your laptop at home. Tell your tablet or smartphone to step back. Because now you can enjoy a better Internet experience on …
Leave your laptop at home. Tell your tablet or smartphone to step back. Because now you can enjoy a rich Internet experience on th…