All the latest UK technology news, reviews and analysis
|
|
|
08 Jan 2010
IT administrators will be relieved to hear that next week's Microsoft Patch Tuesday will see just one bulletin addressing a single vulnerability in Windows.
Microsoft security spokesman Jerry Bryant announced the news in a blog posting yesterday, explaining that the single vulnerability is rated as 'critical' on Windows 2000 and 'low' for all other platforms.
"Customers with Windows 2000 systems will want to review and deploy this update as soon as possible but, as we will show in our release guidance next week, the Exploitability Index rating for this issue will not be high, which lowers the overall risk," he wrote.
The news will come as something of a relief to IT staff, who have recently had to cope with mammoth security updates from Microsoft. In October, the firm released 13 bulletins addressing a whopping 34 vulnerabilities.
But there was also cause for concern among security professionals, as Bryant pointed out that Microsoft's security team is not addressing a known flaw in its Server Message Block protocol which could enable denial-of-service attacks.
"We are still working on an update for the issue at this time," he wrote. " We are not aware of any active attacks using the exploit code that was made public for this vulnerability, and continue to encourage customers to follow the guidance in the advisory which outlines best practices to help protect systems against attacks that originate outside of the enterprise perimeter."
Matthew Walker, UK and Ireland director at endpoint management firm Lumension, warned IT administrators not to get used to the lighter patch load seen this month.
"Perhaps they can use the time to prepare for the numerous updates and patches yet to come, and also resolve the current Server Message Block denial-of-service problems, the MySQL zero-day rumours and the latest Adobe PDF issue," he said.
"Bear in mind that patches for these issues are around the corner. Just because they aren't being addressed with the first patch bulletin of the year doesn't mean that IT administrators should not keep a close eye out for them shortly."
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
Security Assurance Consultant ( CLAS ) with HMG and Information...
Solutions Design Architect - Oracle - Exadata - Dataguard...
My Client is a tier one investment bank based in Edinbugh...
Analyst Programmer Web Developer required to work for...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?