All the latest UK technology news, reviews and analysis


Microsoft to add four critical fixes to patch deluge

08 Mar 2013
Microsoft logo

Microsoft is planning to launch four critical and three important patches for March's Patch Tuesday delivery.

The majority of this month's patches focus on preventing drive-by and end-user attacks.

This month's patches come during a hectic time for IT admins looking to patch up vulnerabilities.

"IT admins can't seem to catch a break this year. First, the never ending stream of Java issues that has kept folks on their toes since January," said security and forensic analyst at Lumension Paul Henry.

"Now they've got another busy month of patches ahead of them, with seven total patches from Microsoft, four of which are critical."

March's patches come in the wake of a slew of discovered vulnerabilities pertaining to the Java platform. Earlier this year, security researchers found a slew of zero-day exploits within Java software.

For this month's Patch Tuesday, Henry recommends putting a priority on security bulletin number one. The bulletin focuses on remote code execution issues found in Internet Explorer 10, Windows RT, and Windows 8.

"What's particularly concerning to me is that this is a remote code execution issue that critically affects the latest version of Internet Explorer and in the two newest versions of Windows: Windows 8 and Windows RT. Fortunately, this issue has no known attacks in the wild," continued Henry.

Another alarming trend for IT admins could prove to be the fact that this month's patches focus on end-user systems. According to the senior product manager at Core Security, Alex Horan, having to patch end-user systems could prove a hassle to administrators.

"My concern in reviewing these updates isn't so much centered around the critical nature of the vulnerability, but rather the number of end-user patches that are required to shore them up," said Horan.

"These patches can be a hassle for users to deploy and have the potential to create a long enough delay where hackers can take advantage."

Redmond's patches come from its monthly Patch Tuesday program. Patches are expected to be released to the public on 12 March.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
James Dohnert
About

James is a freelance writer and editor. In addition to ClickZ, his work has appeared in publications like V3, The Commonwealth Club, CachedTech.com, and Shonen Jump magazine. He studied Journalism at Weber State University.

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
23%
14%
4%
17%
30%
12%

Popular Threads

Powered by Disqus
Sony Xperia Z2 smartphone running Android KitKat 4.4

Sony Xperia Z2 video

We test out the latest Android KitKat flagship from Sony

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Java Developers X2 - Oslo

Java, Algorithms, Data Structures, Groovy, Rails, Linux...

Front End Web Developers x2 - Oslo

HTML, CSS (SASS), JavaScript, JQuery, Angular JS, ROR...

Web Developers x3 - work from home

HTML, CSS, JavaScript, PHP/PHP 5, MySQL, LAMP, Subversion...

Front End Web Developers (eCommerce) x3

HTML, CSS, JavaScript, eCommerce Package (Ideally Demandware...
To send to more than one email address, simply separate each address with a comma.