iTnews
  • Home
  • News
  • Technology
  • Security

Microsoft readies five fixes for September security update

By Dan Kaplan on Sep 4, 2009 10:29AM
Microsoft readies five fixes for September security update

"Critical" fixes for Windows.

Microsoft plans to distribute five patches -- all labeled "critical" -- in next Tuesday's monthly security update.

All the bulletins will address flaws in Windows, according to an advance notification released this week. Four of the patches impact all supported versions of the operating system, while one does not involve Server 2008 or Vista. Few other details emerged in the notification.
 
There remains one known, unpatched Microsoft vulnerability: an FTP server bug, present in older versions of Internet Information Systems, that was disclosed this week on the exploit repository Milw0rm. Microsoft has acknowledged the flaw.

However, a patch for the vulnerability is not expected to arrive Tuesday, Jerry Bryant, a Microsoft security program manager, said on a company blog. He said engineers are "working hard" on a fix and, in the meantime, recommended that users review an earlier advisory, which contains workaround options.

Andrew Storms, director of security operations at vulnerability management firm nCircle, told SCMagazineUS.com that he instead expects the update Tuesday to patch "something deeply rooted in the operating system", such as an issue with the Graphics Device Interface (GDI) or Active Template Library (ATL).

Even though it is likely none of the patches will remediate previously known problems, administrators still should take them seriously.

"The likelihood of exploits coming out post-Tuesday are generally pretty fast anyway," Storms said. "That time from release to exploit has increasingly gotten shorter over the years."

See original article on scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
criticalfixesmicrosoftpatchsecurityseptembertuesdayupdate

Partner Content

Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Promoted Content Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance
Why Genworth Australia embraced low-code software development
Promoted Content Why Genworth Australia embraced low-code software development
Winning strategies for complaints and disputes management in financial services
Promoted Content Winning strategies for complaints and disputes management in financial services

Sponsored Whitepapers

Free eBook: Digital Transformation 101 – for banks
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see

Events

  • Forrester Technology & Innovation Asia Pacific 2022
By Dan Kaplan
Sep 4 2009
10:29AM
0 Comments

Related Articles

  • Patch Wednesday fixes two-year-old Dogwalk vulnerability
  • Juniper Networks battles swarm of bugs
  • Microsoft details massive phishing operation
  • Microsoft's monthly patch includes four serious bugs
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Services Australia sets changeover date for myGov

Services Australia sets changeover date for myGov

Google Cloud IoT Core goes on the end-of-life list

Google Cloud IoT Core goes on the end-of-life list

NBN Co proposes to axe CVC across all plans by mid-2026

NBN Co proposes to axe CVC across all plans by mid-2026

Bunnings assembles a tech team of 700 in four years

Bunnings assembles a tech team of 700 in four years

Digital Nation

Stakes are higher for cybersecurity in Web3: Gal Tal-Hochberg, CTO at Team8
Stakes are higher for cybersecurity in Web3: Gal Tal-Hochberg, CTO at Team8
Edge and IoT critical to Web3 infrastructure
Edge and IoT critical to Web3 infrastructure
Crypto losses to crime surge to $1.9 B in first half of 2022: Chainalysis
Crypto losses to crime surge to $1.9 B in first half of 2022: Chainalysis
Save the Date — Digital Nation Live launches on October 25
Save the Date — Digital Nation Live launches on October 25
CommBank’s mobile banking app beats ANZ, NAB, Suncorp and Westpac: Forrester
CommBank’s mobile banking app beats ANZ, NAB, Suncorp and Westpac: Forrester
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.