Another big Patch Tuesday coming next week

By on

For the second time in three months, Microsoft will release a dozen security fixes as part of its monthly Patch Tuesday release cycle.

In an advance notification, the Redmond, Wash., company said today that it will distribute 12 patches next week – the same number it released in June.

Ten of the fixes will affect Microsoft Windows, with a maximum severity rating of critical.

The remaining pair of patches will be for Microsoft Office, also with a maximum severity rating of critical.

Asked for comment, a Microsoft spokesperson referred to an advance notification on the company's TechNet website.

One patch will presumably apply to a flaw in PowerPoint, which was exploited in targeted attacks shortly after last month's Patch Tuesday release.

Ken Dunham, director of the rapid response team at VeriSign iDefense, said the last three months have been busy ones for security administrators and researchers.

"I could say that we've certainly seen an unprecedented amount of activity against unpatched vulnerabilities in the past 90 days," he said. "The fact that we see multiple vulnerabilities being exploited in Office and things of that nature, it's no surprised we're seeing this level of commitment from Microsoft.

In July, Microsoft released seven new fixes on Patch Tuesday, including two security bulletins for flaws in Windows Server – which facilitates file and print sharing – that allow remote code execution.

The release also fixed a critical flaw in the DHCP client services, used to obtain IP addresses so PCs can communicate with each other.

A week later, Stephen Toulouse, security program manager, said on a company blog that Redmond's researchers were on a "state of high alert" after exploits were spotted in the wild for unpatched PowerPoint flaws.

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?