Microsoft to patch critical flaws in Office, SQL Server

Four critical patches address flaws in Office and SQL Server.

Microsoft plans to issue patches to address four critical flaws in Windows Media Player, Office and its SQL Server database management system.

Microsoft released its Advance Notification Thursday. The updates will be released Tuesday and are detectable using the Microsoft Baseline Security Analyzer (MBSA). Most updates will require a restart, the software giant said.

Critical flaws are being addressed in Microsoft Digital Image Suite 2006. The software giant also said it planned patches to plug flaws in SQL Server 2000 and 2005. The updates will also address critical flaws in Microsoft Report Viewer 2005 and 2008.

Also being addressed are flaws in Microsoft's Forefront security software suite.

As it does every month, Microsoft warned that the advance information is subject to change until the updates are released next week.

In August, Microsoft issued 11 security bulletins, including six critical fixes that plug flaws in Microsoft Access, Office, Excel and Internet Explorer. The August patches were focused on client side vulnerabilities, giving IT administrators a break from patching servers.

Last month, Microsoft also announced plans to start two new security programs. It plans to create a new exploitability index. The index will rank vulnerabilities based on the likelihood of someone developing working exploit code for the Microsoft flaws within 30 days immediately following the patch release. In addition, Microsoft plans to share vulnerability information with security vendors helping them develop signatures and filters prior to a batch of patches released on the second Tuesday of each month.

Both programs are expected to begin in October.

This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close