Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft is planning to next week release 14 patches to fix 20 vulnerabilities across its product line, the company announced Thursday.
Tuesday's monthly security update, to be released around 10PM AEST, will come with three critical and 11 important bulletins to plug holes in Windows, Office, Internet Explorer, Publisher and Windows Media Player.
Most of the vulnerabilities, if exploited, can lead to remote code execution.
It is unclear if the update will include remediation for an unpatched Windows Kernel vulnerability, disclosed just prior to the November patches, which aids in the spread of the Duqu trojan.
In addition to describing the planned fixes, Angela Gunn, a senior response communications manager for Microsoft Trusworthy Computing, announced in a Thursday blog post that there is now "greater transparency" around the Microsoft Active Protections Program (MAPP).
Under the program, which launched in 2008, Microsoft shares vulnerability details with approved software security providers prior to the monthly fixes being released. This allows security firms to immediately protect their customers once the patches are delivered.
In an effort to achieve more openness, Microsoft decided to tweak the system so that it will list which partners have provided protection within four days of a security advisory being released.
The most recent advisory was released 3 November for the Duqu malware.
"Naturally, not every advisory applies to every partner, so we do not expect them all to report protections in place for every individual advisory," Gunn wrote.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.