Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft plans to distribute five patches -- all labeled "critical" -- in next Tuesday's monthly security update.All the bulletins will address flaws in Windows, according to an advance notification released this week. Four of the patches impact all supported versions of the operating system, while one does not involve Server 2008 or Vista. Few other details emerged in the notification. There remains one known, unpatched Microsoft vulnerability: an FTP server bug, present in older versions of Internet Information Systems, that was disclosed this week on the exploit repository Milw0rm. Microsoft has acknowledged the flaw.However, a patch for the vulnerability is not expected to arrive Tuesday, Jerry Bryant, a Microsoft security program manager, said on a company blog. He said engineers are "working hard" on a fix and, in the meantime, recommended that users review an earlier advisory, which contains workaround options.Andrew Storms, director of security operations at vulnerability management firm nCircle, told SCMagazineUS.com that he instead expects the update Tuesday to patch "something deeply rooted in the operating system", such as an issue with the Graphics Device Interface (GDI) or Active Template Library (ATL).Even though it is likely none of the patches will remediate previously known problems, administrators still should take them seriously."The likelihood of exploits coming out post-Tuesday are generally pretty fast anyway," Storms said. "That time from release to exploit has increasingly gotten shorter over the years."See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.