Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Six of the fixes address bugs in Windows and the other four remediate issues in Internet Explorer, Word, Excel and Office, according to an advance notification bulletin issued today.Microsoft won't say specifically what the patches fix, but there are two zero-day issues -- announced in May -- that are being actively exploited: a privilege-escalation flaw in the Internet Information Services (IIS) web server and a bug in DirectX, used on Windows to enable graphics and sound.Microsoft said it does not plan to release a patch for the latter flaw."Our security teams are working hard on a security update that addresses this issue to protect customers, but we do not yet have an update that has reached the appropriate level of quality for broad distribution," Jerry Bryant of Microsoft said on the company's Security Response Center blog.But Tas Giakouminakis, CTO of Rapid7, provider of vulnerability management, said a fix may be coming for the IIS issue. If it does, administrators should take it seriously."We've seen them [Microsoft] probably, best case, 10 days from zero day to actually getting a patch out," he said. "The fact that you can bypass authentication and access files on a system...it's a critical item."Microsoft also plans to issue another update for a PowerPoint hole that was patched last month but did not contain fixes for the Mac OS X.See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.