All the latest UK technology news, reviews and analysis


Microsoft to add four critical fixes to patch deluge

08 Mar 2013
Microsoft logo

Microsoft is planning to launch four critical and three important patches for March's Patch Tuesday delivery.

The majority of this month's patches focus on preventing drive-by and end-user attacks.

This month's patches come during a hectic time for IT admins looking to patch up vulnerabilities.

"IT admins can't seem to catch a break this year. First, the never ending stream of Java issues that has kept folks on their toes since January," said security and forensic analyst at Lumension Paul Henry.

"Now they've got another busy month of patches ahead of them, with seven total patches from Microsoft, four of which are critical."

March's patches come in the wake of a slew of discovered vulnerabilities pertaining to the Java platform. Earlier this year, security researchers found a slew of zero-day exploits within Java software.

For this month's Patch Tuesday, Henry recommends putting a priority on security bulletin number one. The bulletin focuses on remote code execution issues found in Internet Explorer 10, Windows RT, and Windows 8.

"What's particularly concerning to me is that this is a remote code execution issue that critically affects the latest version of Internet Explorer and in the two newest versions of Windows: Windows 8 and Windows RT. Fortunately, this issue has no known attacks in the wild," continued Henry.

Another alarming trend for IT admins could prove to be the fact that this month's patches focus on end-user systems. According to the senior product manager at Core Security, Alex Horan, having to patch end-user systems could prove a hassle to administrators.

"My concern in reviewing these updates isn't so much centered around the critical nature of the vulnerability, but rather the number of end-user patches that are required to shore them up," said Horan.

"These patches can be a hassle for users to deploy and have the potential to create a long enough delay where hackers can take advantage."

Redmond's patches come from its monthly Patch Tuesday program. Patches are expected to be released to the public on 12 March.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
James Dohnert
About

James is a freelance writer and editor. In addition to ClickZ, his work has appeared in publications like V3, The Commonwealth Club, CachedTech.com, and Shonen Jump magazine. He studied Journalism at Weber State University.

More on Security
What do you think?
blog comments powered by Disqus
Poll

Work location poll - office, remote or home?

Where do you spend most time working on your primary work device?
61%
13%
0%
0%
26%
0%

Popular Threads

Powered by Disqus
LG G Flex 2 hands-on review

CES 2015: LG G Flex 2 video

A closer look at LG's latest curved-screen smartphone

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
mubaloo2

Beacon technology: what are the opportunities and how does the technology work?

This paper seeks to provide education and technical insight to beacons, in addition to providing insight to Apple's iBeacon specification

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Software Developer - C# / C++ ( ASP.Net ) - Cambridge

Software Developer - C# / C++ ( ASP.Net ) Are you...

IT Project and Service Manager *Airport Systems* Heathrow

Project Manager, Service Manager, IT, Software PrinceII...

Senior Software Engineer in Test

About the job my client is looking to hire a Senior...

Contract Global Architect, software & global essential

Chief Global Architect, Contract, c £ 900 - 1100 per...
To send to more than one email address, simply separate each address with a comma.