All the latest UK technology news, reviews and analysis


Microsoft forced to ready critical Windows 8 patch

09 Nov 2012
Microsoft logo

Microsoft said that it will deliver six security bulletins, four of which address critical flaws for systems including the newly-released Windows 8, in next week's scheduled security update.

The company said that the November edition of Patch Tuesday will include fixes for vulnerabilities in Windows, Internet Explorer, Office and the .NET framework.

According to Microsoft's advance notification posting, all supported versions of Windows, ranging from Windows XP to Windows 8, will be subject to critical fixes, as will all supported versions of Windows Server and Internet Explorer 9.

While Microsoft does not provide details on vulnerabilities prior to the release of a patch, the company said that all four of the critical patches will address remote code execution vulnerabilities.

Additionally, the company is planning to release a bulletin to patch a remote code execution flaw in the Office which has been categorised as an 'important' risk level and a patch for an information disclosure vulnerability in Windows classified as 'moderate.'

Microsoft noted that the Office patch would also be distributed to Mac users running the OS X version of the productivity suite.

Paul Henry, a security and forensic analyst with Lumension, said that the number of fixes for serious flaws in Microsoft's latest products was particularly worrisome given Microsoft's commitment to a secure development process.

"Right off the top, it’s disappointing to see the critical bulletins impacting more than just legacy code as we’ve come to expect in recent months. These bulletins impact many current generation products and that’s concerning," Henry explained.

"Nothing is ever 100 percent secure and albeit mistakes are made in software. But it’s still ugly to see."

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
22%
15%
5%
19%
27%
12%

Popular Threads

Powered by Disqus
samsung-galaxy-s5-smartphone

Samsung Galaxy S5 video review

We break down the key strengths and weaknesses of Samsung's latest Android flagship

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Hybrid PMO/Project Manager

My client is currently recruiting for an exciting contract...

Web Developer – HTML5, CSS3, Object Orientated PHP (5),

Web Developer – HTML5, CSS3, Object Orientated PHP (5...

Javascript Developer – Node, Bootstrap, Backbone, Angular

Javascript Developer – Node, Bootstrap, Backbone, Angular...

Java Software Engineer – JDBC, Spring, SQL Query Design

Java Software Engineer – JDBC, Spring, SQL, AWS 3 MONTH...
To send to more than one email address, simply separate each address with a comma.