Microsoft to plug security holes

Powered by SC Magazine
 

Advance warning of fixes.

Microsoft will next week launch a number of security fixes designed to address vulnerabilities issues in ActiveX and DirectShow, among other systems.

According to Microsoft, the weaknesses have already attracted the attention of hackers and the firm is keen to fix them in its monthly patch update, set for 14 July.

Three of the issues are rated as 'critical' while the remaining three are rated as 'important'. Microsoft is urging users to fix the issues as soon as possible and has provided guidance for firms on how best to prepare themselves for the patches.

Writing on his blog, Jerry Bryant of Microsoft's security response team said, "I want to provide some clarity on two of the pending Windows updates mentioned. First, we will be addressing the issue concerning a vulnerability in DirectShow. As noted in the advisory, we are aware of limited active attacks and we have been working aggressively to get a quality update shipped to customers.

"Second, our engineering teams have been working around the clock to produce an update for the issue discussed in Security Advisory 972890 (vulnerability in the Microsoft Video ActiveX Control) and we believe that they will be able to release an update of appropriate quality for broad distribution that protects against the attacks we detailed in the advisory and in an MSRC blog post by Christopher Budd."

Bryant encouraged customers in the meantime to continue to enable the workaround for the latter vulnerability "by running the 'Microsoft Fix it' solution in the associated knowledge base article (KB972890)".

He also urged users to visit the Microsoft Security Research and Defence blog as well as the MSRC site on Tuesday for additional information.

Copyright ©v3.co.uk


Microsoft to plug security holes
 
 
 
Top Stories
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
Cloud, big data propel bank CISOs into the boardroom
And this time, they are welcome.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Do you direct debit customers? Read this
Oct 10, 2014
Authorities have been targeting direct debit practices with iiNet and Dodo receiving formal ...
Optus expands 4G coverage
Oct 10, 2014
If you rely on an Optus phone for work you might be interested to know that there are now 200 ...
Microsoft Office is now free for some charities
Oct 10, 2014
Microsoft has announced that eligible Australian non-profit organisations and charities can now ...
Vodafone lights up 4G in Adelaide
Oct 9, 2014
Live and work in Adelaide? Vodafone has switched on its 4G network in the city and suburbs.
Next year tradies will be able to take payments using ingogo
Oct 3, 2014
Ingogo is going to provide a card payment service for Xero users.
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  27%
TOTAL VOTES: 244

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  62%
 
No
  38%
TOTAL VOTES: 78

Vote