Microsoft has once again been forced to address bugs in its monthly Patch Tuesday security update, this week reissuing four security bulletins for customers.
.jpg&h=420&w=748&c=0&s=0)
The new patches became available last Thursday, just two days after the software giant released its scheduled Patch Tuesday update for buggy products.
New patches were made available for four security bulletins: MS13-067, MS13-072, MS13-073 and MS13-074, which addressed bugs in a host of Microsoft Office products, including Excel and SharePoint Server.
Non-security updates were also re-released for Microsoft PowerPoint 2010, KB2553145 and PowerPoint Viewer 2010, KB2553351.
According to the company, customers complained about updates attempting to reinstall numerous times on their machines. In other instances, patches weren't made available to customers.
“Since the shipment of the September 2013 security bulletin release, we have received reports of updates being offered for installation multiple times, or certain cases where updates were not offered via Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM),” the company said in a blog post.
“We have investigated the issue, established the cause, and we have released new updates that will cease the unnecessary re-targeting of the updates or the correct offering of these updates.”
In a Monday blog post, security researcher Graham Cluley wrote that the reoccurring issues with Patch Tuesday releases was highly concerning given the number of users that rely on the fixes.
Just last month, Microsoft pulled a patch that addresses three vulnerabilities in Exchange Server. In that incident, the Patch Tuesday fix was scrapped after Microsoft became aware that installing it caused problems.
“Following so soon after last month's buggy security update, one has to wonder what's going wrong at Microsoft Quality Control,” Cluley wrote.
“The company can't afford to keep messing up like this. The risk is that millions of users around the world will begin to question Microsoft's ability to properly patch security vulnerabilities, and lose trust in the firm.”
Microsoft did catch one bug in its Patch Tuesday update before dispatching the release. The company had originally planned to release 14 fixes, but only shipped 13 last week, leaving out one patch that would have addressed an issue in its .NET software framework, which could allow denial-of-service.
Microsoft is yet to respond to SC's request for comment.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
