Microsoft preps six patches for next week
For the fourth month running, Vista gets a fix
Computerworld - Microsoft Corp. announced today it will release six security updates next week, the same number as in June, to patch problems in Windows, Office and the .Net Framework.
Three of the six bulletins scheduled for July 10 will be tagged "critical" -- Microsoft's highest rating -- while two will be labeled "important" and the sixth ranked "moderate." Vulnerabilities fixed by five of the six updates, however, are remote code executable, an indicator that usually means the bugs are in the most dangerous classification.
Because Microsoft limits the information it posts in the advanced notification -- even with the switch to a more detailed format that debuted last month -- it's impossible to tell why two of the bulletins harboring remote code executable flaws are rated as only "important."
Of the three updates judged "critical," one will fix Microsoft Excel, another will repair Windows 2000 Server and Windows Server 2003, and the third will patch .Net Framework 1.0, 1.1 and 2.0 in all currently supported versions of Windows -- Vista included.
The pair of "important" bulletins addresses issues in Publisher 2007 and Windows XP Professional SP2; the "moderate" update, meanwhile, is limited to Windows Vista. July marks the fourth month in a row that Microsoft has posted patches for its newest operating system, which was released to the public in January.
Four nonsecurity updates dubbed "high priority" will also post Tuesday via Windows Update, Microsoft Update and Windows Server Update Services.
Some clues about the vulnerabilities likely to be patched next week can be gleaned from third-party sources. The bulletin focused on Publisher 2007 may be a fix for a bug reported to Microsoft in late February by eEye Digital Security, for example. Secunia, meanwhile, has three disclosed but unpatched flaws in .Net Framework 1.0 in its database, but none are ranked higher than "moderately critical" by the Danish vulnerability tracker.
Assuming Microsoft releases all six updates, users will have faced 41 bulletins in the first half of 2007, two more than the 39 in the first seven months last year.
Tuesday's updates will be available for manual download from the Microsoft Web site about 1 p.m. EDT, assuming the company issues them on its usual timetable.
Read more about Security in Computerworld's Security Topic Center.
- QA Automation: Reducing Test Execution While Improving Coverage A leading capital investment firm in the US was in need of a comprehensive, cost effective and flexible solution to reduce their existing...
- Tablet, Laptop, or Desktop - Form (Factor) Follows Function Desktops, laptops, Ultrabooks, tablets, convertibles, and all-in-ones; suddenly hardware decisions seem a lot more complicated. To take advantage of these benefits, the savviest...
- The IT handbook for Windows 7 and Windows 8 migrations A comprehensive guide for IT departments making the switch from legacy versions of Microsoft Windows to Windows 7 and Windows 8. To date,...
- 7 Reasons Why Windows 8 is the Future Touch, cloud, BYOD and IT consumerization dominate the mindshare of IT managers. Windows 8 enters the scene with a host of features that...
- Accelerate your innovation with IBM Bluemix™ Join us for a webcast introducing the new IBM BluemixTM. IBM Bluemix (www.bluemix.net) is a developer oriented Platform as a Service (PaaS) environment...
- Maximizing Availability for the Modern Data Center Check out this information-packed resource center for help in maximizing the availability of your data center - from overcoming challenges to choosing the... All Operating Systems White Papers | Webcasts